commit 04e994800c8899b0509e92f8359313e72fdf61d8 Author: booboy Date: Fri Oct 23 04:51:14 2020 -0500 init git diff --git a/containers/docker-compose-elasticsearch-kibana-cluster/docker-compose.yml b/containers/docker-compose-elasticsearch-kibana-cluster/docker-compose.yml new file mode 100644 index 0000000..0f8bb47 --- /dev/null +++ b/containers/docker-compose-elasticsearch-kibana-cluster/docker-compose.yml @@ -0,0 +1,89 @@ +# ./docker-compose.yml + +version: '2.2' +services: + es01: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + container_name: es01 + environment: + - node.name=es01 + - cluster.name=es-docker-cluster + - discovery.seed_hosts=es02,es03 + - cluster.initial_master_nodes=es01,es02,es03 + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - data01:/usr/share/elasticsearch/data + ports: + - 9200:9200 + networks: + - elastic + + es02: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + container_name: es02 + environment: + - node.name=es02 + - cluster.name=es-docker-cluster + - discovery.seed_hosts=es01,es03 + - cluster.initial_master_nodes=es01,es02,es03 + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - data02:/usr/share/elasticsearch/data + ports: + - 9201:9201 + networks: + - elastic + + es03: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + container_name: es03 + environment: + - node.name=es03 + - cluster.name=es-docker-cluster + - discovery.seed_hosts=es01,es02 + - cluster.initial_master_nodes=es01,es02,es03 + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - data03:/usr/share/elasticsearch/data + ports: + - 9202:9202 + networks: + - elastic + + kib01: + image: docker.elastic.co/kibana/kibana:7.9.3 + container_name: kib01 + ports: + - 5601:5601 + environment: + ELASTICSEARCH_URL: http://es01:9200 + ELASTICSEARCH_HOSTS: http://es01:9200 + networks: + - elastic + +volumes: + data01: + driver: local + data02: + driver: local + data03: + driver: local + +networks: + elastic: + driver: bridge diff --git a/containers/domain_registration_tracker/README.md b/containers/domain_registration_tracker/README.md new file mode 100644 index 0000000..ce9dd2c --- /dev/null +++ b/containers/domain_registration_tracker/README.md @@ -0,0 +1,2 @@ +# Domain registration tracker +This will be a container that will be devoted to keeping a running status of newly registered domain names from major registrars on the internet diff --git a/tools/redhat_package_manifest_scraper/README.md b/tools/redhat_package_manifest_scraper/README.md new file mode 100644 index 0000000..85ebff6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/README.md @@ -0,0 +1,48 @@ +## Step 1: +I used this python script https://github.com/x4nth055/pythoncode-tutorials/tree/master/web-scraping/html-table-extractor +to extract all of the tables from a redhat documentation URL. + +``` +# mk some datadirs +mkdir data +mkdir -p data/redhat8/security_api_results +mkdir -p data/redhat7/security_api_results +mkdir -p data/redhat6/security_api_results + +# run the program to scrape and convert the data to csv +python html_table_extractor.py "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/package_manifest/index" +[+] Found a total of 9 tables. +[+] Saving table-1 +[+] Saving table-2 +[+] Saving table-3 +[+] Saving table-4 +[+] Saving table-5 +[+] Saving table-6 +[+] Saving table-7 +[+] Saving table-8 +[+] Saving table-9 +``` + +This will create a csv file per table found in the html-single page result of a given distro. + +## Step 2: +To process and de-duplicate all of the packages further, I created one master CSV file in each directory for each distro by doing the following filtering on the commandline against each table csv file. + +``` +cat table-* | cut -f 2 -d , | sort | uniq | sort > all_redhat7_rpm_package_manifest.csv +``` + +and this step was repeated for redhat 8, 7, and 6. + +## Step 3: +After creating a list of each base set pkg name in the distro, we can then feed these pkgs into a query against the redhat security api using the following example loop: + +``` +cd data/redhat8 + +for pkg in $(cat all_redhat8_rpm_package_manifest.csv); + do curl "https://access.redhat.com/hydra/rest/securitydata/cve.json?package=$pkg" > ./security_api_results/${pkg}_security_api_results.json; +done +``` + +this will send out api calls to the security api asking for cves in json format of the given pkgname. diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/all_redhat7_rpm_package_manifest.csv b/tools/redhat_package_manifest_scraper/data/redhat7/all_redhat7_rpm_package_manifest.csv new file mode 100644 index 0000000..e49653f --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/all_redhat7_rpm_package_manifest.csv @@ -0,0 +1,4238 @@ +389-ds-base +389-ds-base-libs +abattis-cantarell-fonts +abrt +abrt-addon-ccpp +abrt-addon-kerneloops +abrt-addon-pstoreoops +abrt-addon-python +abrt-addon-vmcore +abrt-addon-xorg +abrt-cli +abrt-console-notification +abrt-dbus +abrt-desktop +abrt-gui +abrt-gui-libs +abrt-java-connector +abrt-libs +abrt-python +abrt-tui +accountsservice +accountsservice-libs +acl +acpid +adcli +adobe-mappings-cmap +adobe-mappings-cmap-deprecated +adobe-mappings-pdf +adwaita-cursor-theme +adwaita-gtk2-theme +adwaita-icon-theme +adwaita-qt +adwaita-qt4 +adwaita-qt5 +agg +aic94xx-firmware +aide +akonadi +akonadi-mysql +alacarte +alsa-firmware +alsa-lib +alsa-lib-devel +alsa-plugins-pulseaudio +alsa-tools-firmware +alsa-utils +amanda +amanda-client +amanda-libs +amanda-server +anaconda +anaconda-core +anaconda-gui +anaconda-tui +anaconda-user-help +anaconda-widgets +ant +antlr-tool +apache-commons-cli +apache-commons-codec +apache-commons-collections +apache-commons-daemon +apache-commons-dbcp +apache-commons-io +apache-commons-lang +apache-commons-logging +apache-commons-pool +appstream-data +apr +apr-devel +apr-util +apr-util-devel +apr-util-openssl +args4j +ark +ark-libs +arptables +arpwatch +at +atk +atk-devel +atkmm +atlas +atlas-sse2 +atlas-sse3 +at-spi2-atk +at-spi2-atk-devel +at-spi2-core +at-spi2-core-devel +attica +attica-devel +attr +audispd-plugins +audit +audit-libs +audit-libs-devel +audit-libs-python +augeas +augeas-libs +authconfig +authconfig-gtk +authd +autoconf +autoconf-archive +autocorr-af +autocorr-bg +autocorr-ca +autocorr-cs +autocorr-da +autocorr-de +autocorr-en +autocorr-es +autocorr-fa +autocorr-fi +autocorr-fr +autocorr-ga +autocorr-hr +autocorr-hu +autocorr-is +autocorr-it +autocorr-ja +autocorr-ko +autocorr-lb +autocorr-lt +autocorr-mn +autocorr-nl +autocorr-pl +autocorr-pt +autocorr-ro +autocorr-ru +autocorr-sk +autocorr-sl +autocorr-sr +autocorr-sv +autocorr-tr +autocorr-vi +autocorr-zh +autofs +autogen-libopts +automake +automoc +avahi +avahi-autoipd +avahi-glib +avahi-gobject +avahi-libs +avahi-ui-gtk3 +avalon-framework +avalon-logkit +awscli +babel +babl +bacula-client +bacula-common +bacula-libs +baobab +basesystem +bash +bash-completion +bc +bcc +bcc-tools +bcel +bea-stax +bea-stax-api +bind +bind-chroot +bind-dyndb-ldap +bind-export-libs +bind-libs +bind-libs-lite +bind-license +bind-pkcs11 +bind-pkcs11-libs +bind-pkcs11-utils +bind-utils +binutils +binutils-devel +biosdevname +bison +bitmap-fixed-fonts +bitmap-lucida-typewriter-fonts +blas +blivet3-data +blktrace +bltk +bluedevil +bluez +bluez-libs +bolt +boost +boost-atomic +boost-chrono +boost-context +boost-date-time +boost-devel +boost-filesystem +boost-graph +boost-iostreams +boost-locale +boost-math +boost-program-options +boost-python +boost-random +boost-regex +boost-serialization +boost-signals +boost-system +boost-test +boost-thread +boost-timer +boost-wave +booth +booth-arbitrator +booth-core +booth-site +booth-test +bpftool +bpg-chveulebrivi-fonts +bpg-courier-fonts +bpg-fonts-common +bpg-glaho-fonts +brasero +brasero-libs +brasero-nautilus +bridge-utils +brlapi +brltty +btrfs-progs +byacc +bzip2 +bzip2-devel +bzip2-libs +bzr +ca-certificates +cachefilesd +cairo +cairo-devel +cairo-gobject +cairo-gobject-devel +cairomm +cal10n +c-ares +c-ares-devel +caribou +caribou-gtk2-module +caribou-gtk3-module +cdparanoia +cdparanoia-libs +cdrdao +celt051 +ceph-common +certmonger +cgdcbxd +check +check-devel +checkpolicy +cheese +cheese-libs +chkconfig +chrome-gnome-shell +chrony +chrpath +cifs-utils +cim-schema +cjkuni-ukai-fonts +cjkuni-uming-fonts +clevis +clevis-dracut +clevis-luks +clevis-systemd +clevis-udisks2 +cloud-init +cloud-utils-growpart +clucene-contribs-lib +clucene-core +clufter-bin +clufter-cli +clufter-common +clufter-lib-ccs +clufter-lib-general +clufter-lib-pcs +clutter +clutter-gst2 +clutter-gst3 +clutter-gtk +cmake +cmpi-bindings-pywbem +cockpit +cockpit-bridge +cockpit-system +cockpit-ws +codemodel +cogl +colord +colord-gtk +colord-kde +colord-libs +color-filesystem +compat-cheese314 +compat-dapl +compat-db47 +compat-db-headers +compat-exiv2-023 +compat-exiv2-026 +compat-gcc-44 +compat-gcc-44-c++ +compat-glade315 +compat-glibc +compat-glibc-headers +compat-gnome-desktop314 +compat-grilo02 +compat-libcap1 +compat-libcogl12 +compat-libcogl-pango12 +compat-libcolord1 +compat-libf2c-34 +compat-libgdata13 +compat-libgfortran-41 +compat-libgnome-bluetooth11 +compat-libgnome-desktop3-7 +compat-libgweather3 +compat-libical1 +compat-libmediaart0 +compat-libpackagekit-glib2-16 +compat-libtiff3 +compat-libupower-glib1 +compat-libxcb +compat-openldap +compat-openmpi16 +compat-opensm-libs +compat-poppler022 +compat-poppler022-glib +compat-poppler022-qt +comps-extras +conman +conntrack-tools +control-center +control-center-filesystem +convmv +coolkey +copy-jdk-configs +coreutils +corosync +corosynclib +corosynclib-devel +corosync-qdevice +corosync-qnetd +cpio +cpp +cpuid +cracklib +cracklib-dicts +crash +crash-gcore-command +crash-ptdump-command +crash-trace-command +crda +createrepo +criu +cronie +cronie-anacron +cronie-noanacron +crontabs +crypto-utils +cryptsetup +cryptsetup-libs +cryptsetup-python +cryptsetup-reencrypt +cscope +ctags +ctags-etags +culmus-aharoni-clm-fonts +culmus-caladings-clm-fonts +culmus-david-clm-fonts +culmus-drugulin-clm-fonts +culmus-ellinia-clm-fonts +culmus-fonts-common +culmus-frank-ruehl-clm-fonts +culmus-hadasim-clm-fonts +culmus-keteryg-fonts +culmus-miriam-clm-fonts +culmus-miriam-mono-clm-fonts +culmus-nachlieli-clm-fonts +culmus-simple-clm-fonts +culmus-stamashkenaz-clm-fonts +culmus-stamsefarad-clm-fonts +culmus-yehuda-clm-fonts +cups +cups-client +cups-devel +cups-filesystem +cups-filters +cups-filters-libs +cups-libs +cups-lpd +cups-pk-helper +curl +custodia +cvs +cyrus-imapd +cyrus-imapd-utils +cyrus-sasl +cyrus-sasl-devel +cyrus-sasl-gssapi +cyrus-sasl-lib +cyrus-sasl-md5 +cyrus-sasl-plain +cyrus-sasl-scram +dapl +daxctl-libs +daxio +dbus +dbus-devel +dbus-glib +dbus-glib-devel +dbus-libs +dbusmenu-qt +dbus-python +dbus-x11 +dbxtool +dconf +dconf-editor +dcraw +dejagnu +dejavu-fonts-common +dejavu-sans-fonts +dejavu-sans-mono-fonts +dejavu-serif-fonts +deltarpm +desktop-file-utils +device-mapper +device-mapper-event +device-mapper-event-libs +device-mapper-libs +device-mapper-multipath +device-mapper-multipath-libs +device-mapper-persistent-data +dhclient +dhcp +dhcp-common +dhcp-libs +dialog +diffstat +diffutils +dleyna-connector-dbus +dleyna-core +dleyna-server +dlm-devel +dlm-lib +dmidecode +dmraid +dmraid-events +dnsmasq +dnssec-trigger +docbook5-schemas +docbook5-style-xsl +docbook-dtds +docbook-simple +docbook-slides +docbook-style-dsssl +docbook-style-xsl +docbook-utils +docbook-utils-pdf +dom4j +dos2unix +dosfstools +dotconf +dovecot +dovecot-mysql +dovecot-pgsql +dovecot-pigeonhole +doxygen +dptfxtract +dracut +dracut-config-generic +dracut-config-rescue +dracut-fips +dracut-fips-aesni +dracut-network +dragon +dropwatch +dstat +dump +dumpet +dvd+rw-tools +dvgrab +dwz +dyninst +e2fsprogs +e2fsprogs-devel +e2fsprogs-libs +easymock2 +ebtables +ecj +ed +edac-utils +efax +efibootmgr +efivar +efivar-libs +ekiga +ElectricFence +elfutils +elfutils-default-yama-scope +elfutils-devel +elfutils-libelf +elfutils-libelf-devel +elfutils-libs +elinks +emacs +emacs-auctex +emacs-common +emacs-filesystem +emacs-gnuplot +emacs-nox +emacs-php-mode +empathy +enchant +enscript +environment-modules +eog +esc +espeak +ethtool +evince +evince-dvi +evince-libs +evince-nautilus +evolution +evolution-data-server +evolution-data-server-devel +evolution-data-server-langpacks +evolution-ews +evolution-ews-langpacks +evolution-help +evolution-langpacks +evolution-mapi +evolution-mapi-langpacks +exempi +exiv2 +exiv2-libs +expat +expat-devel +expect +fabtests +farstream +farstream02 +fcoe-utils +fence-agents-aliyun +fence-agents-all +fence-agents-amt-ws +fence-agents-apc +fence-agents-apc-snmp +fence-agents-aws +fence-agents-azure-arm +fence-agents-bladecenter +fence-agents-brocade +fence-agents-cisco-mds +fence-agents-cisco-ucs +fence-agents-common +fence-agents-compute +fence-agents-drac5 +fence-agents-eaton-snmp +fence-agents-emerson +fence-agents-eps +fence-agents-gce +fence-agents-heuristics-ping +fence-agents-hpblade +fence-agents-ibmblade +fence-agents-ifmib +fence-agents-ilo2 +fence-agents-ilo-moonshot +fence-agents-ilo-mp +fence-agents-ilo-ssh +fence-agents-intelmodular +fence-agents-ipdu +fence-agents-ipmilan +fence-agents-kdump +fence-agents-lpar +fence-agents-mpath +fence-agents-redfish +fence-agents-rhevm +fence-agents-rsa +fence-agents-rsb +fence-agents-sbd +fence-agents-scsi +fence-agents-vmware-rest +fence-agents-vmware-soap +fence-agents-wti +fence-agents-zvm +fence-virt +fence-virtd +fence-virtd-libvirt +fence-virtd-multicast +fence-virtd-serial +festival +festival-freebsoft-utils +festival-lib +festival-speechtools-libs +festvox-slt-arctic-hts +fetchmail +fftw +fftw-devel +fftw-libs +fftw-libs-double +fftw-libs-long +fftw-libs-single +fftw-static +file +filebench +file-libs +file-roller +file-roller-nautilus +filesystem +findutils +finger +finger-server +fio +fipscheck +fipscheck-lib +firefox +firewall-config +firewalld +firewalld-filesystem +firstboot +flac-libs +flatpak +flatpak-libs +flex +flite +fltk +flute +folks +fontawesome-fonts +fontconfig +fontconfig-devel +fontpackages-filesystem +fonts-tweak-tool +foomatic +foomatic-db +foomatic-db-filesystem +foomatic-db-ppds +foomatic-filters +fprintd +fprintd-pam +freeglut +freeglut-devel +freeipmi +freeipmi-bmc-watchdog +freeipmi-ipmidetectd +freeradius +freerdp +freerdp-libs +freetype +freetype-devel +frei0r-plugins +fribidi +fribidi-devel +fros +ftp +fuse +fuse-devel +fuseiso +fuse-libs +fwupd +fwupdate +fwupdate-efi +fwupdate-libs +fxload +gamin +gavl +gawk +gc +gcc +gcc-c++ +gcc-gfortran +gcc-gnat +gcc-objc +gcc-objc++ +GConf2 +gconf-editor +gcr +gcr-devel +gd +gdb +gdb-gdbserver +gdbm +gdbm-devel +gdisk +gdk-pixbuf2 +gdk-pixbuf2-devel +gdm +gedit +gedit-plugin-bookmarks +gedit-plugin-bracketcompletion +gedit-plugin-charmap +gedit-plugin-codecomment +gedit-plugin-colorpicker +gedit-plugin-colorschemer +gedit-plugin-commander +gedit-plugin-drawspaces +gedit-plugin-joinlines +gedit-plugin-multiedit +gedit-plugins +gedit-plugins-data +gedit-plugin-smartspaces +gedit-plugin-synctex +gedit-plugin-terminal +gedit-plugin-textsize +gedit-plugin-wordcompletion +gegl +genisoimage +genwqe-tools +genwqe-zlib +geoclue +geoclue2 +geoclue2-libs +geocode-glib +geocode-glib-devel +GeoIP +geoipupdate +geolite2-city +geolite2-country +geronimo-annotation +geronimo-jms +geronimo-jta +gettext +gettext-common-devel +gettext-devel +gettext-libs +gfs2-utils +ghostscript +ghostscript-chinese +ghostscript-cups +ghostscript-fonts +giflib +gimp +gimp-data-extras +gimp-help +gimp-libs +git +gjs +glade-libs +glassfish-dtd-parser +glassfish-fastinfoset +glassfish-jaxb +glassfish-jaxb-api +glib2 +glib2-devel +glibc +glibc-common +glibc-devel +glibc-headers +glibc-utils +glibmm24 +glib-networking +gl-manpages +glusterfs +glusterfs-api +glusterfs-cli +glusterfs-client-xlators +glusterfs-fuse +glusterfs-libs +glusterfs-rdma +glx-utils +gmp +gmp-devel +gnome-abrt +gnome-bluetooth +gnome-bluetooth-libs +gnome-boxes +gnome-calculator +gnome-classic-session +gnome-clocks +gnome-color-manager +gnome-common +gnome-contacts +gnome-desktop3 +gnome-desktop3-devel +gnome-dictionary +gnome-disk-utility +gnome-documents +gnome-documents-libs +gnome-font-viewer +gnome-getting-started-docs +gnome-icon-theme +gnome-icon-theme-extras +gnome-icon-theme-legacy +gnome-icon-theme-symbolic +gnome-initial-setup +gnome-keyring +gnome-keyring-pam +gnome-menus +gnome-online-accounts +gnome-online-accounts-devel +gnome-online-miners +gnome-packagekit +gnome-packagekit-common +gnome-packagekit-installer +gnome-packagekit-updater +gnome-python2 +gnome-python2-bonobo +gnome-python2-canvas +gnome-python2-gconf +gnome-python2-gnome +gnome-python2-gnomevfs +gnome-screenshot +gnome-session +gnome-session-xsession +gnome-settings-daemon +gnome-shell +gnome-shell-extension-alternate-tab +gnome-shell-extension-apps-menu +gnome-shell-extension-common +gnome-shell-extension-horizontal-workspaces +gnome-shell-extension-launch-new-instance +gnome-shell-extension-places-menu +gnome-shell-extension-top-icons +gnome-shell-extension-user-theme +gnome-shell-extension-window-list +gnome-software +gnome-system-log +gnome-system-monitor +gnome-terminal +gnome-terminal-nautilus +gnome-themes-standard +gnome-tweak-tool +gnome-user-docs +gnome-vfs2 +gnome-video-effects +gnome-weather +gnote +gnu-free-fonts-common +gnu-free-mono-fonts +gnu-free-sans-fonts +gnu-free-serif-fonts +gnupg2 +gnuplot +gnuplot-common +gnutls +gnutls-c++ +gnutls-dane +gnutls-devel +gnutls-utils +gobject-introspection +gobject-introspection-devel +gom +google-crosextra-caladea-fonts +google-crosextra-carlito-fonts +google-noto-emoji-color-fonts +google-noto-emoji-fonts +google-noto-fonts-common +google-noto-sans-armenian-fonts +google-noto-sans-devanagari-fonts +google-noto-sans-devanagari-ui-fonts +google-noto-sans-ethiopic-fonts +google-noto-sans-fonts +google-noto-sans-georgian-fonts +google-noto-sans-hebrew-fonts +google-noto-sans-khmer-fonts +google-noto-sans-khmer-ui-fonts +google-noto-sans-lao-fonts +google-noto-sans-lao-ui-fonts +google-noto-sans-tamil-fonts +google-noto-sans-tamil-ui-fonts +google-noto-sans-thai-fonts +google-noto-sans-thai-ui-fonts +google-noto-sans-ui-fonts +google-noto-serif-armenian-fonts +google-noto-serif-fonts +google-noto-serif-georgian-fonts +google-noto-serif-lao-fonts +google-noto-serif-thai-fonts +gperftools-libs +gpgme +gpm +gpm-libs +grantlee +graphite2 +graphite2-devel +graphviz +graphviz-tcl +grep +grilo +grilo-plugins +groff-base +grub2 +grub2-common +grub2-efi-ia32 +grub2-efi-ia32-modules +grub2-efi-x64 +grub2-efi-x64-modules +grub2-pc +grub2-pc-modules +grub2-ppc64 +grub2-ppc64le +grub2-ppc64le-modules +grub2-ppc64-modules +grub2-tools +grub2-tools-extra +grub2-tools-minimal +grubby +gsettings-desktop-schemas +gsettings-desktop-schemas-devel +gsl +gsl-devel +gsm +gsound +gspell +gssdp +gssproxy +gstreamer +gstreamer1 +gstreamer1-devel +gstreamer1-plugins-bad-free +gstreamer1-plugins-bad-free-gtk +gstreamer1-plugins-base +gstreamer1-plugins-base-devel +gstreamer1-plugins-good +gstreamer1-plugins-ugly-free +gstreamer-plugins-bad-free +gstreamer-plugins-base +gstreamer-plugins-good +gstreamer-tools +gtk2 +gtk2-devel +gtk2-devel-docs +gtk2-immodule-xim +gtk3 +gtk3-devel +gtk3-immodule-xim +gtkhtml3 +gtkmm24 +gtkmm30 +gtksourceview3 +gtkspell +gtkspell3 +gtk-update-icon-cache +gtk-vnc2 +guava +gubbi-fonts +gucharmap +gucharmap-libs +gupnp +gupnp-av +gupnp-dlna +gupnp-igd +gutenprint +gutenprint-cups +gutenprint-plugin +gvfs +gvfs-afc +gvfs-afp +gvfs-archive +gvfs-client +gvfs-devel +gvfs-fuse +gvfs-goa +gvfs-gphoto2 +gvfs-mtp +gvfs-smb +gvnc +gwenview +gwenview-libs +gzip +hamcrest +haproxy +hardlink +harfbuzz +harfbuzz-devel +harfbuzz-icu +hawkey +hdparm +hesiod +hexedit +hicolor-icon-theme +highcontrast-qt5 +highlight +hivex +hmaccalc +hostname +hpijs +hplip +hplip-common +hplip-gui +hplip-libs +hsakmt +hsqldb +httpcomponents-client +httpcomponents-core +httpd +httpd-devel +httpd-manual +httpd-tools +http-parser +hunspell +hunspell-af +hunspell-ak +hunspell-am +hunspell-ar +hunspell-as +hunspell-ast +hunspell-az +hunspell-be +hunspell-ber +hunspell-bg +hunspell-bn +hunspell-br +hunspell-ca +hunspell-cop +hunspell-cs +hunspell-csb +hunspell-cv +hunspell-cy +hunspell-da +hunspell-de +hunspell-devel +hunspell-dsb +hunspell-el +hunspell-en +hunspell-en-GB +hunspell-en-US +hunspell-eo +hunspell-es +hunspell-et +hunspell-eu +hunspell-fa +hunspell-fj +hunspell-fo +hunspell-fr +hunspell-fur +hunspell-fy +hunspell-ga +hunspell-gd +hunspell-gl +hunspell-grc +hunspell-gu +hunspell-gv +hunspell-haw +hunspell-he +hunspell-hi +hunspell-hil +hunspell-hr +hunspell-hsb +hunspell-ht +hunspell-hu +hunspell-hy +hunspell-ia +hunspell-id +hunspell-is +hunspell-it +hunspell-kk +hunspell-km +hunspell-kn +hunspell-ko +hunspell-ku +hunspell-ky +hunspell-la +hunspell-lb +hunspell-ln +hunspell-lt +hunspell-lv +hunspell-mai +hunspell-mg +hunspell-mi +hunspell-mk +hunspell-ml +hunspell-mn +hunspell-mos +hunspell-mr +hunspell-ms +hunspell-mt +hunspell-nb +hunspell-nds +hunspell-ne +hunspell-nl +hunspell-nn +hunspell-nr +hunspell-nso +hunspell-ny +hunspell-oc +hunspell-om +hunspell-or +hunspell-pa +hunspell-pl +hunspell-pt +hunspell-qu +hunspell-quh +hunspell-ro +hunspell-ru +hunspell-rw +hunspell-sc +hunspell-se +hunspell-shs +hunspell-si +hunspell-sk +hunspell-sl +hunspell-smj +hunspell-so +hunspell-sq +hunspell-sr +hunspell-ss +hunspell-st +hunspell-sv +hunspell-sw +hunspell-ta +hunspell-te +hunspell-tet +hunspell-th +hunspell-ti +hunspell-tk +hunspell-tl +hunspell-tn +hunspell-tpi +hunspell-ts +hunspell-uk +hunspell-ur +hunspell-uz +hunspell-ve +hunspell-vi +hunspell-wa +hunspell-xh +hunspell-yi +hunspell-zu +hwdata +hwloc +hwloc-libs +hyperv-daemons +hyperv-daemons-license +hypervfcopyd +hypervkvpd +hypervvssd +hyphen +hyphen-af +hyphen-as +hyphen-be +hyphen-bg +hyphen-bn +hyphen-ca +hyphen-cs +hyphen-cy +hyphen-da +hyphen-de +hyphen-el +hyphen-en +hyphen-es +hyphen-et +hyphen-eu +hyphen-fa +hyphen-fo +hyphen-fr +hyphen-ga +hyphen-gl +hyphen-grc +hyphen-gu +hyphen-hi +hyphen-hr +hyphen-hsb +hyphen-hu +hyphen-ia +hyphen-id +hyphen-is +hyphen-it +hyphen-kn +hyphen-ku +hyphen-lt +hyphen-lv +hyphen-mi +hyphen-ml +hyphen-mn +hyphen-mr +hyphen-nb +hyphen-nl +hyphen-nn +hyphen-or +hyphen-pa +hyphen-pl +hyphen-pt +hyphen-ro +hyphen-ru +hyphen-sa +hyphen-sk +hyphen-sl +hyphen-sr +hyphen-sv +hyphen-ta +hyphen-te +hyphen-tk +hyphen-uk +hyphen-zu +i2c-tools +ibacm +ibus +ibus-chewing +ibus-gtk2 +ibus-gtk3 +ibus-hangul +ibus-kkc +ibus-libpinyin +ibus-libs +ibus-m17n +ibus-qt +ibus-rawcode +ibus-sayura +ibus-setup +ibus-table +ibus-table-chinese +ibus-typing-booster +ibutils +ibutils-libs +icedax +icedtea-web +icoutils +ilmbase +ima-evm-utils +ImageMagick +ImageMagick-c++ +ImageMagick-perl +imake +im-chooser +im-chooser-common +imsettings +imsettings-gsettings +imsettings-libs +imsettings-qt +indent +infiniband-diags +infinipath-psm +info +iniparser +initial-setup +initial-setup-gui +initscripts +inkscape +insights-client +intel-cmt-cat +intltool +iok +iotop +iowatcher +ipa-client +ipa-client-common +ipa-common +ipa-gothic-fonts +ipa-mincho-fonts +ipa-pgothic-fonts +ipa-pmincho-fonts +ipa-python-compat +ipa-server +ipa-server-common +ipa-server-dns +ipa-server-trust-ad +iperf3 +ipmitool +iproute +iprutils +ipset +ipset-libs +ipset-service +ipsilon +ipsilon-authform +ipsilon-authgssapi +ipsilon-authldap +ipsilon-base +ipsilon-client +ipsilon-filesystem +ipsilon-infosssd +ipsilon-persona +ipsilon-saml2 +ipsilon-saml2-base +ipsilon-tools-ipa +iptables +iptables-devel +iptables-services +iptraf-ng +iptstate +iputils +ipvsadm +ipxe-bootimgs +ipxe-roms-qemu +irqbalance +irssi +iscsi-initiator-utils +iscsi-initiator-utils-iscsiuio +isdn4k-utils +isns-utils +iso-codes +isomd5sum +isorelax +istack-commons +itstool +ivtv-firmware +iw +iwl1000-firmware +iwl100-firmware +iwl105-firmware +iwl135-firmware +iwl2000-firmware +iwl2030-firmware +iwl3160-firmware +iwl3945-firmware +iwl4965-firmware +iwl5000-firmware +iwl5150-firmware +iwl6000-firmware +iwl6000g2a-firmware +iwl6000g2b-firmware +iwl6050-firmware +iwl7260-firmware +iwpmd +ixpdimm_sw +jackson +jakarta-commons-httpclient +jakarta-oro +jakarta-taglibs-standard +jansson +jasper-libs +java-11-openjdk +java-11-openjdk-devel +java-11-openjdk-headless +java-1.6.0-openjdk +java-1.6.0-openjdk-devel +java-1.7.0-openjdk +java-1.7.0-openjdk-devel +java-1.7.0-openjdk-headless +java-1.7.1-ibm +java-1.7.1-ibm-demo +java-1.7.1-ibm-devel +java-1.7.1-ibm-jdbc +java-1.7.1-ibm-plugin +java-1.7.1-ibm-src +java-1.8.0-ibm +java-1.8.0-ibm-demo +java-1.8.0-ibm-devel +java-1.8.0-ibm-jdbc +java-1.8.0-ibm-plugin +java-1.8.0-ibm-src +java-1.8.0-openjdk +java-1.8.0-openjdk-devel +java-1.8.0-openjdk-headless +java-atk-wrapper +javamail +javapackages-tools +javassist +jaxen +jbigkit-libs +jboss-annotations-1.1-api +jdom +jettison +jing +jline +jna +joda-convert +joda-time +jomolhari-fonts +jose +js +json-c +json-glib +json-glib-devel +jsr-311 +jss +junit +jvnet-parent +k3b +k3b-common +k3b-libs +kabi-yum-plugins +kaccessible +kaccessible-libs +kacst-art-fonts +kacst-book-fonts +kacst-decorative-fonts +kacst-digital-fonts +kacst-farsi-fonts +kacst-fonts-common +kacst-letter-fonts +kacst-naskh-fonts +kacst-office-fonts +kacst-one-fonts +kacst-pen-fonts +kacst-poster-fonts +kacst-qurn-fonts +kacst-screen-fonts +kacst-title-fonts +kacst-titlel-fonts +kactivities +kamera +kate-part +kbd +kbd-legacy +kbd-misc +kcalc +kcharselect +kcm_colors +kcm-gtk +kcm_touchpad +kcolorchooser +kcoloredit +kdeaccessibility +kdeadmin +kdeartwork-screensavers +kde-baseapps +kde-baseapps-libs +kde-base-artwork +kde-filesystem +kdegraphics-devel +kdegraphics-libs +kdegraphics-strigi-analyzer +kdegraphics-thumbnailers +kde-l10n +kdelibs +kdelibs-common +kdelibs-devel +kdelibs-ktexteditor +kdenetwork-common +kdenetwork-devel +kdenetwork-kdnssd +kdenetwork-kget +kdenetwork-kget-libs +kdenetwork-kopete +kdenetwork-kopete-devel +kdenetwork-kopete-libs +kdenetwork-krdc +kdenetwork-krdc-devel +kdenetwork-krdc-libs +kdenetwork-krfb +kdenetwork-krfb-libs +kdepim +kdepim-devel +kdepim-libs +kdepimlibs +kdepimlibs-akonadi +kdepimlibs-devel +kdepimlibs-kxmlrpcclient +kdepim-runtime +kdepim-runtime-libs +kdeplasma-addons +kdeplasma-addons-libs +kde-plasma-networkmanagement +kde-plasma-networkmanagement-libs +kde-print-manager +kde-runtime +kde-runtime-drkonqi +kde-runtime-libs +kdesdk-common +kdesdk-devel +kdesdk-kmtrace +kdesdk-kmtrace-devel +kdesdk-kmtrace-libs +kdesdk-kompare +kdesdk-kompare-devel +kdesdk-kompare-libs +kdesdk-okteta +kdesdk-okteta-devel +kdesdk-okteta-libs +kde-settings +kde-settings-ksplash +kde-settings-plasma +kde-settings-pulseaudio +kde-style-oxygen +kdeutils-minimal +kde-workspace +kde-workspace-devel +kde-workspace-libs +kdf +keepalived +kernel +kernel-abi-whitelists +kernel-bootwrapper +kernel-debug +kernel-debug-devel +kernel-devel +kernel-doc +kernel-headers +kernel-kdump +kernel-kdump-devel +kernel-tools +kernel-tools-libs +kexec-tools +keybinder3 +keycloak-httpd-client-install +keyutils +keyutils-libs +keyutils-libs-devel +kgpg +kgreeter-plugins +khmeros-base-fonts +khmeros-battambang-fonts +khmeros-bokor-fonts +khmeros-fonts-common +khmeros-handwritten-fonts +khmeros-metal-chrieng-fonts +khmeros-muol-fonts +khmeros-siemreap-fonts +khotkeys +khotkeys-libs +kiconedit +kinfocenter +kio_sysinfo +kmag +kmenuedit +kmix +kmod +kmod-kvdo +kmod-libs +kmod-oracleasm +kolourpaint +kolourpaint-libs +konkretcmpi +konkretcmpi-python +konsole +konsole-part +kpartx +kpatch +krb5-devel +krb5-libs +krb5-pkinit +krb5-server +krb5-server-ldap +krb5-workstation +kruler +ksaneplugin +ksc +kscreen +ksh +ksnapshot +ksshaskpass +ksysguard +ksysguardd +ksysguard-libs +ktimer +kurdit-unikurd-web-fonts +kwallet +kwin +kwin-gles-libs +kwin-libs +kwrite +langtable +langtable-data +langtable-python +lapack +lasso +lasso-python +latencytop +latencytop-common +latencytop-tui +latrace +lcms2 +ldapjdk +ldns +ledmon +less +lftp +libabw +libacl +libacl-devel +libaio +libaio-devel +libao +libappindicator-gtk3 +libappstream-glib +libarchive +libart_lgpl +libassuan +libasyncns +libatasmart +libatomic +libatomic-static +libattr +libattr-devel +libavc1394 +libbase +libbasicobjects +libblkid +libblkid-devel +libblockdev +libblockdev-crypto +libblockdev-fs +libblockdev-loop +libblockdev-lvm +libblockdev-mdraid +libblockdev-nvdimm +libblockdev-part +libblockdev-swap +libblockdev-utils +libbluedevil +libbluray +libbonobo +libbonoboui +libburn +libbytesize +libcacard +libcacard-tools +libcanberra +libcanberra-devel +libcanberra-gtk2 +libcanberra-gtk3 +libcap +libcap-devel +libcap-ng +libcap-ng-devel +libcdio +libcdio-paranoia +libcdr +libcgroup +libcgroup-tools +libchamplain +libchamplain-gtk +libchewing +libcmis +libcmpiCppImpl0 +libcmpiutil +libcollection +libcom_err +libcom_err-devel +libconfig +libcroco +libcryptui +libcurl +libcurl-devel +libcxl +libdaemon +libdb +libdb-cxx +libdb-devel +libdbi +libdbi-dbd-mysql +libdbi-dbd-pgsql +libdbi-drivers +libdbusmenu +libdbusmenu-gtk3 +libdb-utils +libdfp +libdfp-devel +libdhash +libdmapsharing +libdmx +libdnet +libdrm +libdrm-devel +libdv +libdvdnav +libdvdread +libdwarf +libeasyfc +libeasyfc-gobject +libecap +libedit +libehca +libepoxy +libepoxy-devel +liberation-fonts +liberation-fonts-common +liberation-mono-fonts +liberation-narrow-fonts +liberation-sans-fonts +liberation-serif-fonts +libesmtp +libestr +libetonyek +libevdev +libevent +libexif +libexttextcat +libfabric +libfastjson +libfdt +libffi +libffi-devel +libfontenc +libfonts +libformula +libfprint +libfreehand +libgcab1 +libgcc +libgcrypt +libgcrypt-devel +libgdata +libgdata-devel +libgdither +libgee +libgee06 +libgepub +libgexiv2 +libgfortran +libgfortran4 +libgfortran5 +libglade2 +libGLEW +libglvnd +libglvnd-core-devel +libglvnd-devel +libglvnd-egl +libglvnd-gles +libglvnd-glx +libglvnd-opengl +libgnat +libgnat-devel +libgnome +libgnomecanvas +libgnomekbd +libgnome-keyring +libgnome-keyring-devel +libgnomeui +libgomp +libgovirt +libgpg-error +libgpg-error-devel +libgphoto2 +libgpod +libgs +libgsf +libgtop2 +libgudev1 +libgudev1-devel +libguestfs +libguestfs-inspect-icons +libguestfs-java +libguestfs-tools +libguestfs-tools-c +libguestfs-winsupport +libguestfs-xfs +libgusb +libgweather +libgweather-devel +libgxps +libhangul +libhbaapi +libhbalinux +libhif +libhugetlbfs +libhugetlbfs-devel +libhugetlbfs-utils +libibcommon +libibmad +libibumad +libibverbs +libibverbs-utils +libica +libical +libical-devel +libICE +libICE-devel +libicu +libicu-devel +libIDL +libidn +libiec61883 +libieee1284 +libieee1284-devel +libimobiledevice +libindicator-gtk3 +libini_config +libinput +libinvm-cim +libinvm-cli +libinvm-i18n +libiodbc +libipa_hbac +libiptcdata +libiscsi +libisofs +libitm +libitm-devel +libjose +libjpeg-turbo +libjpeg-turbo-devel +libkadm5 +libkcddb +libkdcraw +libkdcraw-devel +libkexiv2 +libkexiv2-devel +libkipi +libkipi-devel +libkkc +libkkc-common +libkkc-data +libksane +libksane-devel +libkscreen +libkworkspace +liblangtag +liblayout +libldb +libloader +liblockfile +liblouis +liblouis-python +libluksmeta +libmatchbox +libmaxminddb +libmbim +libmbim-utils +libmediaart +libmemcached +libmicrohttpd +libmng +libmng-devel +libmnl +libmodman +libmount +libmpc +libmpcdec +libmsn +libmspack +libmspub +libmtp +libmusicbrainz +libmusicbrainz5 +libmwaw +libmx +libndp +libnet +libnetfilter_conntrack +libnetfilter_cthelper +libnetfilter_cttimeout +libnetfilter_queue +libnfnetlink +libnfsidmap +libnftnl +libnice +libnl +libnl3 +libnl3-cli +libnl-devel +libnma +libnm-gtk +libnotify +libnotify-devel +libntlm +liboauth +liboauth-devel +libobjc +libocxl +libodfgen +libofa +libogg +libopenraw +liborcus +libosinfo +libotf +libpagemaker +libpaper +libpath_utils +libpcap +libpciaccess +libpeas +libpeas-gtk +libpeas-loader-python +libpfm +libpfm-devel +libpinyin +libpinyin-data +libpipeline +libplist +libpmem +libpmemblk +libpmemlog +libpmemobj +libpmempool +libpng +libpng12 +libpng-devel +libproxy +libproxy-mozjs +libpsm2 +libpurple +libpwquality +libqb +libqb-devel +libqmi +libqmi-utils +libquadmath +libquadmath-devel +libquvi +libquvi-scripts +librabbitmq +librados2 +LibRaw +libraw1394 +librbd1 +librdkafka +librdmacm +librdmacm-utils +libref_array +librelp +libreoffice-base +libreoffice-calc +libreoffice-core +libreoffice-data +libreoffice-draw +libreoffice-emailmerge +libreoffice-filters +libreoffice-graphicfilter +libreoffice-gtk2 +libreoffice-gtk3 +libreoffice-impress +libreofficekit +libreoffice-langpack-en +libreoffice-math +libreoffice-ogltrans +libreoffice-opensymbol-fonts +libreoffice-pdfimport +libreoffice-pyuno +libreoffice-ure +libreoffice-ure-common +libreoffice-voikko +libreoffice-wiki-publisher +libreoffice-writer +libreoffice-x11 +libreoffice-xsltfilter +librepo +libreport +libreport-anaconda +libreport-cli +libreport-filesystem +libreport-gtk +libreport-plugin-bugzilla +libreport-plugin-mailx +libreport-plugin-reportuploader +libreport-plugin-rhtsupport +libreport-plugin-ureport +libreport-python +libreport-rhel +libreport-rhel-anaconda-bugzilla +libreport-web +librepository +libreswan +librevenge +librpmem +librsvg2 +librsvg2-devel +librsvg2-tools +librtas +libsamplerate +libsane-hpaio +libseccomp +libsecret +libsecret-devel +libselinux +libselinux-devel +libselinux-python +libselinux-python3 +libselinux-ruby +libselinux-utils +libsemanage +libsemanage-python +libsepol +libsepol-devel +libserializer +libservicelog +libsexy +libshout +libsigc++20 +libSM +libsmartcols +libsmbclient +libsmbios +libSM-devel +libsmi +libsndfile +libsolv +libsoup +libsoup-devel +libspectre +libspiro +libsrtp +libss +libssh2 +libsss_autofs +libsss_certmap +libsss_idmap +libsss_nss_idmap +libsss_simpleifp +libsss_sudo +libstaroffice +libstdc++ +libstdc++-devel +libstdc++-docs +libstoragemgmt +libstoragemgmt-arcconf-plugin +libstoragemgmt-hpsa-plugin +libstoragemgmt-local-plugin +libstoragemgmt-megaraid-plugin +libstoragemgmt-nfs-plugin +libstoragemgmt-nfs-plugin-clibs +libstoragemgmt-nstor-plugin +libstoragemgmt-python +libstoragemgmt-python-clibs +libstoragemgmt-smis-plugin +libstoragemgmt-targetd-plugin +libstoragemgmt-udev +libsysfs +libtalloc +libtar +libtasn1 +libtasn1-devel +libtdb +libteam +libtevent +libthai +libtheora +libtiff +libtiff-devel +libtimezonemap +libtirpc +libtool +libtool-ltdl +libtool-ltdl-devel +libtranslit +libtranslit-m17n +libudisks2 +libunistring +libunwind +libusal +libusb +libusbmuxd +libusbx +libusbx-devel +libuser +libuser-python +libusnic_verbs +libutempter +libuuid +libuuid-devel +libv4l +libva +libva-devel +libvdpau +libverto +libverto-devel +libverto-libevent +libverto-tevent +libvirt +libvirt-bash-completion +libvirt-cim +libvirt-client +libvirt-daemon +libvirt-daemon-config-network +libvirt-daemon-config-nwfilter +libvirt-daemon-driver-interface +libvirt-daemon-driver-lxc +libvirt-daemon-driver-network +libvirt-daemon-driver-nodedev +libvirt-daemon-driver-nwfilter +libvirt-daemon-driver-qemu +libvirt-daemon-driver-secret +libvirt-daemon-driver-storage +libvirt-daemon-driver-storage-core +libvirt-daemon-driver-storage-disk +libvirt-daemon-driver-storage-gluster +libvirt-daemon-driver-storage-iscsi +libvirt-daemon-driver-storage-logical +libvirt-daemon-driver-storage-mpath +libvirt-daemon-driver-storage-rbd +libvirt-daemon-driver-storage-scsi +libvirt-daemon-kvm +libvirt-devel +libvirt-docs +libvirt-gconfig +libvirt-glib +libvirt-gobject +libvirt-java +libvirt-java-devel +libvirt-libs +libvirt-python +libvirt-snmp +libvisio +libvisual +libvma +libvmem +libvmmalloc +libvncserver +libvoikko +libvorbis +libvpd +libvpx +libwacom +libwacom-data +libwayland-client +libwayland-cursor +libwayland-egl +libwayland-server +libwbclient +libwebp +libwinpr +libwmf +libwmf-lite +libwnck3 +libwpd +libwpg +libwps +libwsman1 +libwvstreams +libX11 +libX11-common +libX11-devel +libXau +libXau-devel +libXaw +libXaw-devel +libxcb +libxcb-devel +libXcomposite +libXcomposite-devel +libXcursor +libXcursor-devel +libXdamage +libXdamage-devel +libXdmcp +libXevie +libXext +libXext-devel +libXfixes +libXfixes-devel +libXfont +libXfont2 +libXft +libXft-devel +libXi +libXi-devel +libXinerama +libXinerama-devel +libxkbcommon +libxkbcommon-devel +libxkbcommon-x11 +libxkbfile +libxkbfile-devel +libxklavier +libxml2 +libxml2-devel +libxml2-python +libXmu +libXmu-devel +libXp +libXp-devel +libXpm +libXpm-devel +libXrandr +libXrandr-devel +libXrender +libXrender-devel +libXres +libXScrnSaver +libXScrnSaver-devel +libxshmfence +libxshmfence-devel +libxslt +libxslt-devel +libXt +libXt-devel +libXtst +libXtst-devel +libXv +libXv-devel +libXvMC +libXxf86dga +libXxf86misc +libXxf86misc-devel +libXxf86vm +libXxf86vm-devel +libyami +libyaml +libzapojit +libzfcphbaapi +libzip +libzmf +linuxconsoletools +linux-firmware +linuxptp +lklug-fonts +lksctp-tools +lldpad +llvm-private +lm_sensors +lm_sensors-devel +lm_sensors-libs +lockdev +log4cxx +log4j +logrotate +logwatch +lohit-assamese-fonts +lohit-bengali-fonts +lohit-devanagari-fonts +lohit-gujarati-fonts +lohit-kannada-fonts +lohit-malayalam-fonts +lohit-marathi-fonts +lohit-nepali-fonts +lohit-oriya-fonts +lohit-punjabi-fonts +lohit-tamil-fonts +lohit-telugu-fonts +lorax +lpsolve +lrzsz +lshw +lsof +lsscsi +lsvpd +ltrace +lua +luksmeta +lvm2 +lvm2-libs +lvm2-python-boom +lvm2-python-libs +lz4 +lzo +lzo-minilzo +lzop +m17n-contrib +m17n-db +m17n-lib +m2crypto +m4 +madan-fonts +mailcap +mailman +mailx +make +malaga-suomi-voikko +mallard-rng +man-db +man-pages +man-pages-cs +man-pages-es +man-pages-es-extra +man-pages-fr +man-pages-it +man-pages-ja +man-pages-ko +man-pages-overrides +man-pages-pl +man-pages-ru +man-pages-zh-CN +mariadb +mariadb-bench +mariadb-devel +mariadb-libs +mariadb-server +mariadb-test +marisa +matchbox-window-manager +mc +mcelog +mcstrans +mdadm +meanwhile +media-player-info +memcached +memkind +memstomp +memtest86+ +mercurial +mesa-dri-drivers +mesa-filesystem +mesa-khr-devel +mesa-libEGL +mesa-libEGL-devel +mesa-libgbm +mesa-libGL +mesa-libglapi +mesa-libGL-devel +mesa-libGLES +mesa-libGLU +mesa-libGLU-devel +mesa-libGLw +mesa-libGLw-devel +mesa-libxatracker +mesa-private-llvm +metacity +mgetty +microcode_ctl +migrationtools +minicom +mipv6-daemon +mkbootdisk +mksh +mlocate +mobile-broadband-provider-info +mod_auth_gssapi +mod_auth_kerb +mod_auth_mellon +mod_auth_mellon-diagnostics +mod_authnz_pam +mod_auth_openidc +mod_dav_svn +ModemManager +ModemManager-glib +mod_fcgid +mod_intercept_form_submit +mod_lookup_identity +mod_nss +mod_revocator +mod_security +mod_security_crs +mod_session +mod_ssl +mod_wsgi +mokutil +motif +motif-devel +mousetweaks +mozilla-filesystem +mozjs17 +mozjs24 +mozjs52 +mpfr +mpfr-devel +mpg123-libs +mpich-3.0 +mpich-3.0-devel +mpich-3.2 +mpich-3.2-devel +mpitests-mpich +mpitests-mpich32 +mpitests-mvapich2 +mpitests-mvapich222 +mpitests-mvapich222-psm +mpitests-mvapich222-psm2 +mpitests-mvapich23 +mpitests-mvapich23-psm +mpitests-mvapich23-psm2 +mpitests-mvapich2-psm +mpitests-openmpi +mpitests-openmpi3 +mrtg +mstflint +msv-msv +msv-xsdlib +mtdev +mtools +mtr +mt-st +mtx +mutt +mutter +mvapich2-2.0 +mvapich2-2.0-devel +mvapich2-2.0-doc +mvapich2-2.0-psm +mvapich2-2.0-psm-devel +mvapich2-2.2 +mvapich2-2.2-devel +mvapich2-2.2-doc +mvapich2-2.2-psm +mvapich2-2.2-psm2 +mvapich2-2.2-psm2-devel +mvapich2-2.2-psm-devel +mvapich23 +mvapich23-devel +mvapich23-doc +mvapich23-psm +mvapich23-psm2 +mvapich23-psm2-devel +mvapich23-psm-devel +mysql-connector-java +mysql-connector-odbc +MySQL-python +mythes +mythes-bg +mythes-ca +mythes-cs +mythes-da +mythes-de +mythes-el +mythes-en +mythes-es +mythes-fr +mythes-ga +mythes-hu +mythes-it +mythes-lb +mythes-lv +mythes-mi +mythes-nb +mythes-ne +mythes-nl +mythes-nn +mythes-pl +mythes-pt +mythes-ro +mythes-ru +mythes-sk +mythes-sl +mythes-sv +mythes-uk +nafees-web-naskh-fonts +nano +nasm +nautilus +nautilus-extensions +nautilus-sendto +navilu-fonts +nbdkit +nbdkit-plugin-python2 +nbdkit-plugin-python-common +nbdkit-plugin-vddk +ncompress +ncurses +ncurses-base +ncurses-devel +ncurses-libs +ncurses-term +ndctl +ndctl-libs +neon +nepomuk-core +nepomuk-core-devel +nepomuk-core-libs +nepomuk-widgets +netcf-libs +netlabel_tools +netpbm +netpbm-devel +netpbm-progs +netsniff-ng +net-snmp +net-snmp-agent-libs +net-snmp-devel +net-snmp-libs +net-snmp-utils +nettle +nettle-devel +net-tools +NetworkManager +NetworkManager-adsl +NetworkManager-bluetooth +NetworkManager-config-server +NetworkManager-glib +NetworkManager-libnm +NetworkManager-libreswan +NetworkManager-libreswan-gnome +NetworkManager-ppp +NetworkManager-team +NetworkManager-tui +NetworkManager-wifi +NetworkManager-wwan +newt +newt-python +nfs4-acl-tools +nfsometer +nfstest +nfs-utils +nftables +nhn-nanum-brush-fonts +nhn-nanum-fonts-common +nhn-nanum-gothic-fonts +nhn-nanum-myeongjo-fonts +nhn-nanum-pen-fonts +nmap +nmap-ncat +nm-connection-editor +nscd +nspr +nspr-devel +nss +nss_compat_ossl +nss-devel +nss-pam-ldapd +nss-pem +nss-softokn +nss-softokn-devel +nss-softokn-freebl +nss-softokn-freebl-devel +nss-sysinit +nss-tools +nss-util +nss-util-devel +ntp +ntpdate +ntsysv +numactl +numactl-devel +numactl-libs +numad +numpy +numpy-f2py +nuxwdog +nuxwdog-client-java +nvme-cli +nvmetcli +obexd +obex-data-server +objectweb-asm +oddjob +oddjob-mkhomedir +okular +okular-devel +okular-libs +okular-part +omping +opa-address-resolution +opa-basic-tools +opa-fastfabric +opa-fm +opal +opa-libopamgt +opal-prd +opencc +openchange +opencryptoki +opencryptoki-ccatok +opencryptoki-ep11tok +opencryptoki-icatok +opencryptoki-icsftok +opencryptoki-libs +opencryptoki-swtok +opencryptoki-tpmtok +opendnssec +OpenEXR-libs +openhpi +openhpi-libs +OpenIPMI +OpenIPMI-libs +OpenIPMI-modalias +OpenIPMI-perl +openjade +openjpeg2 +openjpeg-libs +openldap +openldap-clients +openldap-devel +openldap-servers +openlmi +openlmi-account +openlmi-account-doc +openlmi-fan +openlmi-fan-doc +openlmi-hardware +openlmi-hardware-doc +openlmi-indicationmanager-libs +openlmi-logicalfile +openlmi-logicalfile-doc +openlmi-networking +openlmi-networking-doc +openlmi-powermanagement +openlmi-powermanagement-doc +openlmi-providers +openlmi-providers-devel +openlmi-python-base +openlmi-python-providers +openlmi-realmd +openlmi-realmd-doc +openlmi-service +openlmi-service-doc +openlmi-software +openlmi-software-doc +openlmi-storage +openlmi-storage-doc +openlmi-tools +openlmi-tools-doc +openmpi +openmpi3 +openmpi3-devel +openmpi-devel +openobex +open-sans-fonts +opensc +openscap +openscap-containers +openscap-python +openscap-scanner +openscap-utils +openslp +openslp-server +opensm +opensm-libs +opensp +openssh +openssh-askpass +openssh-clients +openssh-keycat +openssh-server +openssl +openssl098e +openssl-devel +openssl-ibmca +openssl-libs +open-vm-tools +open-vm-tools-desktop +openwsman-client +openwsman-python +openwsman-server +oprofile +oprofile-gui +oprofile-jit +opus +ORBit2 +orc +orca +ortp +oscap-anaconda-addon +osinfo-db +osinfo-db-tools +os-prober +overpass-fonts +OVMF +oxygen-gtk +oxygen-gtk2 +oxygen-gtk3 +oxygen-icon-theme +p11-kit +p11-kit-devel +p11-kit-trust +pacemaker +pacemaker-cli +pacemaker-cluster-libs +pacemaker-cts +pacemaker-doc +pacemaker-libs +pacemaker-libs-devel +pacemaker-nagios-plugins-metadata +pacemaker-remote +Package +PackageKit +PackageKit-command-not-found +PackageKit-glib +PackageKit-gstreamer-plugin +PackageKit-gtk3-module +PackageKit-yum +paflib +pakchois +paktype-naqsh-fonts +paktype-naskh-basic-fonts +paktype-tehreer-fonts +pam +pam-devel +pam_krb5 +pam_pkcs11 +pango +pango-devel +pangomm +papi +papi-devel +paps +paps-libs +paratype-pt-sans-fonts +parfait +parted +passivetex +passwd +patch +patchutils +pavucontrol +pax +pciutils +pciutils-libs +pcp +pcp-conf +pcp-doc +pcp-export-pcp2graphite +pcp-gui +pcp-libs +pcp-manager +pcp-pmda-activemq +pcp-pmda-apache +pcp-pmda-bash +pcp-pmda-bonding +pcp-pmda-cisco +pcp-pmda-dbping +pcp-pmda-dm +pcp-pmda-ds389 +pcp-pmda-ds389log +pcp-pmda-elasticsearch +pcp-pmda-gfs2 +pcp-pmda-gluster +pcp-pmda-gpfs +pcp-pmda-gpsd +pcp-pmda-json +pcp-pmda-lmsensors +pcp-pmda-logger +pcp-pmda-lustre +pcp-pmda-lustrecomm +pcp-pmda-mailq +pcp-pmda-memcache +pcp-pmda-mounts +pcp-pmda-mysql +pcp-pmda-named +pcp-pmda-netfilter +pcp-pmda-news +pcp-pmda-nfsclient +pcp-pmda-nginx +pcp-pmda-nvidia-gpu +pcp-pmda-pdns +pcp-pmda-postfix +pcp-pmda-postgresql +pcp-pmda-roomtemp +pcp-pmda-rpm +pcp-pmda-sendmail +pcp-pmda-shping +pcp-pmda-summary +pcp-pmda-trace +pcp-pmda-unbound +pcp-pmda-weblog +pcp-pmda-zswap +pcp-selinux +pcp-system-tools +pcp-webapi +pcp-zeroconf +pcre +pcre2 +pcre2-utf16 +pcre-devel +pcs +pcsc-lite +pcsc-lite-ccid +pcsc-lite-libs +pcs-snmp +pentaho-libxml +pentaho-reporting-flow-engine +perf +perftest +perl +perl-Algorithm-Diff +perl-App-cpanminus +perl-Archive-Extract +perl-Archive-Tar +perl-Archive-Zip +perl-Authen-SASL +perl-autodie +perl-Bit-Vector +perl-B-Lint +perl-Business-ISBN +perl-Business-ISBN-Data +perl-Carp +perl-Carp-Clan +perl-CGI +perl-CGI-Session +perl-Class-ISA +perl-Class-Load +perl-Class-Singleton +perl-Compress-Raw-Bzip2 +perl-Compress-Raw-Zlib +perl-constant +perl-Convert-ASN1 +perl-core +perl-CPAN +perl-CPAN-Meta +perl-CPAN-Meta-Requirements +perl-CPAN-Meta-YAML +perl-CPANPLUS +perl-CPANPLUS-Dist-Build +perl-Crypt-OpenSSL-Bignum +perl-Crypt-OpenSSL-Random +perl-Crypt-OpenSSL-RSA +perl-Crypt-SSLeay +perl-Data-Dumper +perl-Data-OptList +perl-Date-Calc +perl-Date-Manip +perl-DateTime +perl-DateTime-Format-DateParse +perl-DateTime-Locale +perl-DateTime-TimeZone +perl-DBD-MySQL +perl-DBD-Pg +perl-DBD-SQLite +perl-DB_File +perl-DBI +perl-DBIx-Simple +perl-devel +perl-Devel-Symdump +perl-Digest +perl-Digest-HMAC +perl-Digest-MD5 +perl-Digest-SHA +perl-Digest-SHA1 +perl-Encode +perl-Encode-Detect +perl-Encode-Locale +perl-Env +perl-Error +perl-Exporter +perl-ExtUtils-CBuilder +perl-ExtUtils-Embed +perl-ExtUtils-Install +perl-ExtUtils-MakeMaker +perl-ExtUtils-Manifest +perl-ExtUtils-ParseXS +perl-FCGI +perl-File-CheckTree +perl-File-Fetch +perl-File-Listing +perl-File-Path +perl-File-Slurp +perl-File-Temp +perl-Filter +perl-Font-AFM +perl-FreezeThaw +perl-GD +perl-Getopt-Long +perl-gettext +perl-Git +perl-GSSAPI +perl-hivex +perl-homedir +perl-HTML-Format +perl-HTML-Parser +perl-HTML-Tagset +perl-HTML-Tree +perl-HTTP-Cookies +perl-HTTP-Daemon +perl-HTTP-Date +perl-HTTP-Message +perl-HTTP-Negotiate +perl-HTTP-Tiny +perl-IO-Compress +perl-IO-HTML +perl-IO-Socket-INET6 +perl-IO-Socket-IP +perl-IO-Socket-SSL +perl-IO-stringy +perl-IO-Zlib +perl-IPC-Cmd +perl-JSON +perl-JSON-PP +perl-LDAP +perl-libintl +perl-libs +perl-libwww-perl +perl-libxml-perl +perl-List-MoreUtils +perl-Locale-Codes +perl-Locale-Maketext +perl-Locale-Maketext-Simple +perl-local-lib +perl-Log-Message +perl-Log-Message-Simple +perl-LWP-MediaTypes +perl-LWP-Protocol-https +perl-macros +perl-Mail-DKIM +perl-Mail-SPF +perl-MailTools +perl-Module-Build +perl-Module-CoreList +perl-Module-Implementation +perl-Module-Load +perl-Module-Load-Conditional +perl-Module-Loaded +perl-Module-Metadata +perl-Module-Pluggable +perl-Module-Runtime +perl-Module-Signature +perl-Mozilla-CA +perl-Mozilla-LDAP +perl-NetAddr-IP +perl-Net-Daemon +perl-Net-DNS +perl-Net-HTTP +perl-Net-LibIDN +perl-Net-SMTP-SSL +perl-Net-SSLeay +perl-Newt +perl-Object-Accessor +perl-Package-Constants +perl-Package-DeprecationManager +perl-Package-Stash +perl-Package-Stash-XS +perl-Params-Check +perl-Params-Util +perl-Params-Validate +perl-PAR-Dist +perl-parent +perl-Parse-CPAN-Meta +perl-PathTools +perl-PCP-PMDA +perl-Perl4-CoreLibs +perl-Perl-OSType +perl-PlRPC +perl-Pod-Checker +perl-Pod-Coverage +perl-Pod-Escapes +perl-Pod-LaTeX +perl-podlators +perl-Pod-Parser +perl-Pod-Perldoc +perl-Pod-Plainer +perl-Pod-Simple +perl-Pod-Usage +perl-Scalar-List-Utils +perl-SGMLSpm +perl-SNMP_Session +perl-Socket +perl-Socket6 +perl-srpm-macros +perl-Storable +perl-String-ShellQuote +perl-Sub-Install +perl-Sys-CPU +perl-Sys-Guestfs +perl-Sys-MemInfo +perl-Sys-Syslog +perl-Sys-Virt +perl-TermReadKey +perl-Term-UI +perl-Test-Harness +perl-Test-Pod +perl-Test-Pod-Coverage +perl-Test-Simple +perl-Text-Diff +perl-Text-ParseWords +perl-Text-Soundex +perl-Text-Unidecode +perl-Thread-Queue +perl-threads +perl-threads-shared +perltidy +perl-TimeDate +perl-Time-HiRes +perl-Time-Local +perl-Time-Piece +perl-Try-Tiny +perl-URI +perl-version +perl-Version-Requirements +perl-WWW-RobotRules +perl-XML-Dumper +perl-XML-Filter-BufferText +perl-XML-Grove +perl-XML-LibXML +perl-XML-NamespaceSupport +perl-XML-Parser +perl-XML-SAX +perl-XML-SAX-Base +perl-XML-SAX-Writer +perl-XML-Simple +perl-XML-Twig +perl-XML-Writer +perl-XML-XPath +perl-YAML +perl-YAML-Tiny +pexpect +phonon +phonon-backend-gstreamer +phonon-devel +php +php-cli +php-common +php-gd +php-ldap +php-mysql +php-odbc +php-pdo +php-pear +php-pecl-memcache +php-pgsql +php-process +php-recode +php-soap +php-xml +php-xmlrpc +pidgin +pidgin-sipe +pinentry +pinentry-gtk +pinentry-qt +pinentry-qt4 +pinfo +pixman +pixman-devel +pkgconfig +pki-base +pki-base-java +pki-ca +pki-kra +pki-server +pki-symkey +pki-tools +plasma-scriptengine-python +plymouth +plymouth-core-libs +plymouth-graphics-libs +plymouth-plugin-label +plymouth-plugin-two-step +plymouth-scripts +plymouth-system-theme +plymouth-theme-charge +pmdk-convert +pmempool +pm-utils +pnm2ppa +po4a +policycoreutils +policycoreutils-devel +policycoreutils-gui +policycoreutils-newrole +policycoreutils-python +policycoreutils-sandbox +polkit +polkit-devel +polkit-docs +polkit-kde +polkit-pkla-compat +polkit-qt +poppler +poppler-data +poppler-glib +poppler-qt +poppler-utils +popt +popt-devel +portreserve +postfix +postfix-perl-scripts +postgresql +postgresql-contrib +postgresql-devel +postgresql-docs +postgresql-jdbc +postgresql-libs +postgresql-odbc +postgresql-plperl +postgresql-plpython +postgresql-pltcl +postgresql-server +postgresql-test +pothana2000-fonts +powerpc-utils +powerpc-utils-python +powertop +ppc64-diag +ppc64-utils +ppp +pptp +prelink +procmail +procps-ng +protobuf +protobuf-c +psacct +ps_mem +psmisc +pth +ptlib +pulseaudio +pulseaudio-gdm-hooks +pulseaudio-libs +pulseaudio-libs-devel +pulseaudio-libs-glib2 +pulseaudio-module-bluetooth +pulseaudio-module-x11 +pulseaudio-utils +purple-sipe +pycairo +pygobject2 +pygobject3-devel +pygpgme +PyGreSQL +pygtk2 +pygtk2-libglade +pykde4 +pykickstart +pyldb +pyliblzma +pyOpenSSL +pyorbit +PyPAM +pyparsing +pyparted +PyQt4 +PyQt4-devel +pyserial +pytalloc +python +python2-blivet3 +python2-blockdev +python2-bytesize +python2-caribou +python2-cryptography +python2-futures +python2-hawkey +python2-ipaclient +python2-ipalib +python2-ipaserver +python2-keycloak-httpd-client-install +python2-oauthlib +python2-pyasn1 +python2-pyasn1-modules +python2-pyatspi +python2-requests-oauthlib +python2-rpm-macros +python2-subprocess32 +python3 +python3-libs +python3-pip +python3-rpm-generators +python3-rpm-macros +python3-setuptools +python3-wheel +python-adal +python-augeas +python-azure-sdk +python-babel +python-backports +python-backports-ssl_match_hostname +python-bcc +python-beaker +python-blivet +python-boto3 +python-brlapi +python-cffi +python-chardet +python-cherrypy +python-clufter +python-configobj +python-configshell +python-coverage +python-cpio +python-cups +python-custodia +python-dateutil +python-decorator +python-deltarpm +python-devel +python-di +python-dmidecode +python-dns +python-docs +python-docutils +python-enum34 +python-ethtool +python-firewall +python-gobject +python-gobject-base +python-gssapi +python-gudev +python-hwdata +python-idna +python-iniparse +python-inotify +python-ipaddr +python-ipaddress +python-IPy +python-isodate +python-javapackages +python-jinja2 +python-jsonpatch +python-jsonpointer +python-jwcrypto +python-jwt +python-kdcproxy +python-kerberos +python-kitchen +python-kmod +python-krbV +python-ldap +python-libguestfs +python-libipa_hbac +python-libs +python-libsss_nss_idmap +python-linux-procfs +python-lxml +python-magic +python-mako +python-markupsafe +python-matplotlib +python-meh +python-meh-gui +python-memcached +python-msrest +python-msrestazure +python-netaddr +python-netifaces +python-nose +python-nss +python-ntplib +python-paramiko +python-paste +python-pcp +python-perf +python-pillow +python-ply +python-prettytable +python-psycopg2 +python-pwquality +python-pyblock +python-pycparser +python-pycurl +python-pyudev +python-qrcode-core +python-rados +python-rbd +python-reportlab +python-requests +python-rhsm +python-rhsm-certificates +python-rpm-macros +python-rtslib +python-s3transfer +python-schedutils +python-setproctitle +python-setuptools +python-six +python-slip +python-slip-dbus +python-smbc +python-sqlalchemy +python-srpm-macros +python-sss +python-sssdconfig +python-sss-murmur +python-suds +python-syspurpose +python-tdb +python-tempita +python-tevent +python-urlgrabber +python-urllib3 +python-urwid +python-virtualenv +python-volume_key +python-yubico +pytz +pyusb +pywbem +pyxattr +PyYAML +qca2 +qca-ossl +qclib +qdox +qemu-guest-agent +qemu-img +qemu-img-ma +qemu-kvm +qemu-kvm-common +qemu-kvm-common-ma +qemu-kvm-ma +qemu-kvm-tools +qemu-kvm-tools-ma +qgnomeplatform +qimageblitz +qjson +qpdf-libs +qperf +qrencode-libs +qt +qt3 +qt3-devel +qt3-MySQL +qt3-ODBC +qt3-PostgreSQL +qt5-designer +qt5-doctools +qt5-linguist +qt5-qt3d +qt5-qt3d-devel +qt5-qtbase +qt5-qtbase-common +qt5-qtbase-devel +qt5-qtbase-gui +qt5-qtbase-mysql +qt5-qtbase-odbc +qt5-qtbase-postgresql +qt5-qtcanvas3d +qt5-qtconnectivity +qt5-qtconnectivity-devel +qt5-qtdeclarative +qt5-qtdeclarative-devel +qt5-qtdoc +qt5-qtenginio +qt5-qtenginio-devel +qt5-qtgraphicaleffects +qt5-qtimageformats +qt5-qtlocation +qt5-qtlocation-devel +qt5-qtmultimedia +qt5-qtmultimedia-devel +qt5-qtquickcontrols +qt5-qtquickcontrols2 +qt5-qtscript +qt5-qtscript-devel +qt5-qtsensors +qt5-qtsensors-devel +qt5-qtserialbus +qt5-qtserialport +qt5-qtserialport-devel +qt5-qtsvg +qt5-qtsvg-devel +qt5-qttools +qt5-qttools-common +qt5-qttools-devel +qt5-qttools-libs-designer +qt5-qttools-libs-designercomponents +qt5-qttools-libs-help +qt5-qttranslations +qt5-qtwayland +qt5-qtwebchannel +qt5-qtwebchannel-devel +qt5-qtwebsockets +qt5-qtwebsockets-devel +qt5-qtx11extras +qt5-qtx11extras-devel +qt5-qtxmlpatterns +qt5-qtxmlpatterns-devel +qt5-rpm-macros +qt-devel +qt-mysql +qt-odbc +qt-postgresql +qt-settings +qt-x11 +quagga +quota +quota-nls +radvd +raptor2 +rarian +rarian-compat +rasdaemon +rasqal +rcs +rdate +rdist +rdma-core +rdma-core-devel +readline +readline-devel +realmd +rear +recode +redfish-finder +redhat-access-gui +redhat-access-plugin-ipa +redhat-bookmarks +Red_Hat_Enterprise_Linux-Release_Notes-7-as-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-bn-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-de-DE +Red_Hat_Enterprise_Linux-Release_Notes-7-en-US +Red_Hat_Enterprise_Linux-Release_Notes-7-es-ES +Red_Hat_Enterprise_Linux-Release_Notes-7-fr-FR +Red_Hat_Enterprise_Linux-Release_Notes-7-gu-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-hi-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-it-IT +Red_Hat_Enterprise_Linux-Release_Notes-7-ja-JP +Red_Hat_Enterprise_Linux-Release_Notes-7-kn-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-ko-KR +Red_Hat_Enterprise_Linux-Release_Notes-7-ml-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-mr-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-or-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-pa-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-pt-BR +Red_Hat_Enterprise_Linux-Release_Notes-7-ru-RU +Red_Hat_Enterprise_Linux-Release_Notes-7-ta-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-te-IN +Red_Hat_Enterprise_Linux-Release_Notes-7-zh-CN +Red_Hat_Enterprise_Linux-Release_Notes-7-zh-TW +redhat-indexhtml +redhat-logos +redhat-lsb +redhat-lsb-core +redhat-lsb-cxx +redhat-lsb-desktop +redhat-lsb-languages +redhat-lsb-printing +redhat-lsb-submod-multimedia +redhat-lsb-submod-security +redhat-menus +redhat-release-client +redhat-release-computenode +redhat-release-eula +redhat-release-server +redhat-release-workstation +redhat-rpm-config +redhat-support-lib-python +redhat-support-tool +redhat-upgrade-dracut +redhat-upgrade-dracut-plymouth +redhat-upgrade-tool +redland +redland-virtuoso +regexp +relaxngDatatype +resource-agents +resource-agents-aliyun +resource-agents-gcp +rest +resteasy-base-atom-provider +resteasy-base-client +resteasy-base-jackson-provider +resteasy-base-jaxb-provider +resteasy-base-jaxrs +resteasy-base-jaxrs-api +resteasy-base-jettison-provider +rfkill +rhdb-utils +rhino +rhn-check +rhn-client-tools +rhnlib +rhnsd +rhn-setup +rhn-setup-gnome +rhsm-gtk +rhythmbox +rmt +rngom +rng-tools +rootfiles +rpcbind +rpm +rpm-build +rpm-build-libs +rpm-devel +rpmdevtools +rpmemd +rpm-libs +rpmlint +rpm-python +rpm-sign +rp-pppoe +rrdtool +rrdtool-perl +rsh +rsh-server +rsync +rsyslog +rsyslog-gnutls +rsyslog-gssapi +rsyslog-kafka +rsyslog-mmjsonparse +rsyslog-mysql +rsyslog-pgsql +rsyslog-relp +rtkit +ruby +rubygem-abrt +rubygem-bigdecimal +rubygem-bundler +rubygem-io-console +rubygem-json +rubygem-net-http-persistent +rubygem-psych +rubygem-rdoc +rubygems +rubygem-thor +ruby-irb +ruby-libs +rusers +rusers-server +rwho +s390utils +s390utils-base +s390utils-cmsfs +s390utils-cmsfs-fuse +s390utils-cpuplugd +s390utils-hmcdrvfs +s390utils-iucvterm +s390utils-mon_statd +s390utils-osasnmpd +s390utils-zdsfs +s390utils-ziomon +saab-fonts +sac +samba +samba-client +samba-client-libs +samba-common +samba-common-libs +samba-common-tools +samba-krb5-printing +samba-libs +samba-python +samba-winbind +samba-winbind-clients +samba-winbind-modules +samyak-devanagari-fonts +samyak-fonts-common +samyak-gujarati-fonts +samyak-malayalam-fonts +samyak-oriya-fonts +samyak-tamil-fonts +sane-backends +sane-backends-devel +sane-backends-drivers-cameras +sane-backends-drivers-scanners +sane-backends-libs +sane-frontends +sassist +satyr +sbc +sbd +sblim-cim-client2 +sblim-cmpi-base +sblim-cmpi-fsvol +sblim-cmpi-network +sblim-cmpi-nfsv3 +sblim-cmpi-nfsv4 +sblim-cmpi-params +sblim-cmpi-sysfs +sblim-cmpi-syslog +sblim-gather +sblim-gather-provider +sblim-indication_helper +sblim-sfcb +sblim-sfcc +sblim-smis-hba +sblim-wbemcli +scannotation +scap-security-guide +scap-security-guide-doc +scap-workbench +scipy +scl-utils +screen +scrub +SDL +SDL-devel +sdparm +seabios-bin +seahorse +seahorse-nautilus +seahorse-sharing +seavgabios-bin +sed +selinux-policy +selinux-policy-devel +selinux-policy-minimum +selinux-policy-mls +selinux-policy-targeted +sendmail +sendmail-cf +servicelog +setools-console +setools-libs +setroubleshoot +setroubleshoot-plugins +setroubleshoot-server +setserial +setup +setuptool +sg3_utils +sg3_utils-libs +sgabios-bin +sgml-common +sgpio +shadow-utils +shared-desktop-ontologies +shared-desktop-ontologies-devel +shared-mime-info +shim-ia32 +shim-unsigned-ia32 +shim-unsigned-x64 +shim-x64 +shotwell +sil-abyssinica-fonts +sil-nuosu-fonts +sil-padauk-fonts +sip +sip-devel +sip-macros +si-units +skkdic +slang +slapi-nis +slf4j +SLOF +smartmontools +smc-anjalioldlipi-fonts +smc-dyuthi-fonts +smc-fonts-common +smc-kalyani-fonts +smc-meera-fonts +smc-rachana-fonts +smc-raghumalayalam-fonts +smc-suruma-fonts +snapper +snapper-libs +snappy +socat +softhsm +soprano +soprano-devel +sos +sos-collector +sound-theme-freedesktop +soundtouch +sox +spamassassin +spausedd +spax +speech-dispatcher +speech-dispatcher-python +speex +spice-glib +spice-gtk3 +spice-protocol +spice-server +spice-streaming-agent +spice-vdagent +spice-xpi +sqlite +sqlite-devel +squashfs-tools +squid +squid-migration-script +srp_daemon +sssd +sssd-ad +sssd-client +sssd-common +sssd-common-pac +sssd-dbus +sssd-ipa +sssd-kcm +sssd-krb5 +sssd-krb5-common +sssd-ldap +sssd-libwbclient +sssd-polkit-rules +sssd-proxy +sssd-tools +sssd-winbind-idmap +star +startup-notification +startup-notification-devel +stax2-api +stax-ex +stix-fonts +stix-math-fonts +strace +strace32 +strigi-libs +strongimcv +stunnel +subscription-manager +subscription-manager-gui +subscription-manager-initial-setup-addon +subscription-manager-migration +subscription-manager-migration-data +subscription-manager-plugin-container +subscription-manager-rhsm +subscription-manager-rhsm-certificates +subversion +subversion-gnome +subversion-libs +sudo +suitesparse +supermin5 +supermin-helper +sushi +svrcore +sweeper +swig +symlinks +sysfsutils +syslinux +syslinux-extlinux +syslinux-tftpboot +sysstat +system-config-date +system-config-date-docs +system-config-firewall-base +system-config-kdump +system-config-keyboard +system-config-keyboard-base +system-config-kickstart +system-config-language +system-config-printer +system-config-printer-libs +system-config-printer-udev +system-config-users +system-config-users-docs +systemd +systemd-devel +systemd-libs +systemd-python +systemd-sysv +system-storage-manager +system-switch-java +systemtap +systemtap-client +systemtap-devel +systemtap-initscript +systemtap-runtime +systemtap-sdt-devel +systemtap-server +sysvinit-tools +t1lib +taglib +tagsoup +talk +talk-server +tang +tar +targetcli +targetd +tbb +tbb-devel +tboot +tcl +tcl-devel +tcl-pgtcl +tcpdump +tcp_wrappers +tcp_wrappers-devel +tcp_wrappers-libs +tcsh +tdb-tools +teamd +telepathy-farstream +telepathy-filesystem +telepathy-gabble +telepathy-glib +telepathy-haze +telepathy-logger +telepathy-mission-control +telepathy-salut +telnet +telnet-server +tex-fonts-hebrew +texinfo +texlive +texlive-ae +texlive-algorithms +texlive-amscls +texlive-amsfonts +texlive-amsmath +texlive-anysize +texlive-attachfile +texlive-avantgar +texlive-babel +texlive-babelbib +texlive-base +texlive-beamer +texlive-bera +texlive-beton +texlive-bibtex +texlive-bibtex-bin +texlive-bookman +texlive-booktabs +texlive-breakurl +texlive-caption +texlive-carlisle +texlive-charter +texlive-chngcntr +texlive-cite +texlive-cm +texlive-cmap +texlive-cmextra +texlive-cm-lgc +texlive-cm-super +texlive-collection-basic +texlive-collection-documentation-base +texlive-collection-fontsrecommended +texlive-collection-htmlxml +texlive-collection-latex +texlive-collection-latexrecommended +texlive-colortbl +texlive-courier +texlive-crop +texlive-csquotes +texlive-ctable +texlive-currfile +texlive-dvipdfm +texlive-dvipdfm-bin +texlive-dvipdfmx +texlive-dvipdfmx-bin +texlive-dvipdfmx-def +texlive-dvipng +texlive-dvipng-bin +texlive-dvips +texlive-dvips-bin +texlive-ec +texlive-enctex +texlive-enumitem +texlive-eso-pic +texlive-etex +texlive-etex-pkg +texlive-etoolbox +texlive-euler +texlive-euro +texlive-eurosym +texlive-extsizes +texlive-fancybox +texlive-fancyhdr +texlive-fancyref +texlive-fancyvrb +texlive-filecontents +texlive-filehook +texlive-fix2col +texlive-float +texlive-fontspec +texlive-footmisc +texlive-fp +texlive-fpl +texlive-geometry +texlive-glyphlist +texlive-graphics +texlive-gsftopk +texlive-gsftopk-bin +texlive-helvetic +texlive-hyperref +texlive-hyphen-base +texlive-hyph-utf8 +texlive-ifetex +texlive-ifluatex +texlive-ifxetex +texlive-index +texlive-jadetex +texlive-jadetex-bin +texlive-jknapltx +texlive-kastrup +texlive-kerkis +texlive-koma-script +texlive-kpathsea +texlive-kpathsea-bin +texlive-kpathsea-lib +texlive-l3experimental +texlive-l3kernel +texlive-l3packages +texlive-latex +texlive-latex-bin +texlive-latex-bin-bin +texlive-latexconfig +texlive-latex-fonts +texlive-listings +texlive-lm +texlive-lm-math +texlive-ltxmisc +texlive-lua-alt-getopt +texlive-lualatex-math +texlive-luaotfload +texlive-luaotfload-bin +texlive-luatex +texlive-luatexbase +texlive-luatex-bin +texlive-makeindex +texlive-makeindex-bin +texlive-marginnote +texlive-marvosym +texlive-mathpazo +texlive-mdwtools +texlive-memoir +texlive-metafont +texlive-metafont-bin +texlive-metalogo +texlive-mflogo +texlive-mfnfss +texlive-mfware +texlive-mfware-bin +texlive-mh +texlive-microtype +texlive-misc +texlive-mparhack +texlive-mptopdf +texlive-mptopdf-bin +texlive-ms +texlive-multido +texlive-natbib +texlive-ncntrsbk +texlive-ntgclass +texlive-oberdiek +texlive-palatino +texlive-paralist +texlive-parallel +texlive-parskip +texlive-passivetex +texlive-pdfpages +texlive-pdftex +texlive-pdftex-bin +texlive-pdftex-def +texlive-pgf +texlive-plain +texlive-powerdot +texlive-psfrag +texlive-pslatex +texlive-psnfss +texlive-pspicture +texlive-pst-3d +texlive-pst-blur +texlive-pst-coil +texlive-pst-eps +texlive-pst-fill +texlive-pst-grad +texlive-pst-math +texlive-pst-node +texlive-pst-plot +texlive-pstricks +texlive-pstricks-add +texlive-pst-slpe +texlive-pst-text +texlive-pst-tree +texlive-pxfonts +texlive-qstest +texlive-rcs +texlive-rotating +texlive-rsfs +texlive-sansmath +texlive-sauerj +texlive-scheme-basic +texlive-section +texlive-seminar +texlive-sepnum +texlive-setspace +texlive-showexpl +texlive-soul +texlive-subfig +texlive-symbol +texlive-tetex +texlive-tetex-bin +texlive-tex +texlive-tex4ht +texlive-tex4ht-bin +texlive-tex-bin +texlive-texconfig +texlive-texconfig-bin +texlive-tex-gyre +texlive-tex-gyre-math +texlive-texlive.infra +texlive-texlive.infra-bin +texlive-textcase +texlive-thumbpdf +texlive-thumbpdf-bin +texlive-times +texlive-tipa +texlive-tools +texlive-txfonts +texlive-type1cm +texlive-typehtml +texlive-ucs +texlive-ulem +texlive-underscore +texlive-unicode-math +texlive-url +texlive-utopia +texlive-varwidth +texlive-wasy +texlive-wasysym +texlive-xcolor +texlive-xdvi +texlive-xdvi-bin +texlive-xkeyval +texlive-xmltex +texlive-xmltex-bin +texlive-xunicode +texlive-zapfchan +texlive-zapfding +tex-preview +tftp +tftp-server +thai-scalable-fonts-common +thai-scalable-garuda-fonts +thai-scalable-kinnari-fonts +thai-scalable-loma-fonts +thai-scalable-norasi-fonts +thai-scalable-purisa-fonts +thai-scalable-sawasdee-fonts +thai-scalable-tlwgmono-fonts +thai-scalable-tlwgtypewriter-fonts +thai-scalable-tlwgtypist-fonts +thai-scalable-tlwgtypo-fonts +thai-scalable-umpush-fonts +thai-scalable-waree-fonts +theora-tools +thunderbird +tibetan-machine-uni-fonts +tigervnc +tigervnc-icons +tigervnc-license +tigervnc-server +tigervnc-server-minimal +time +tk +tk-devel +tmpwatch +tmux +tn5250 +tncfhh +tncfhh-libs +tncfhh-utils +tog-pegasus +tog-pegasus-libs +tokyocabinet +tomcat +tomcat-admin-webapps +tomcat-el-2.2-api +tomcat-jsp-2.2-api +tomcatjss +tomcat-lib +tomcat-servlet-3.0-api +tomcat-webapps +totem +totem-nautilus +totem-pl-parser +tpm2-abrmd +tpm2-tools +tpm2-tss +tpm2-tss-devel +tpm-quote-tools +tpm-tools +trace-cmd +traceroute +tracker +tree +trousers +tss2 +ttmkfdir +tuna +tuned +tuned-profiles-cpu-partitioning +tuned-utils +txw2 +tzdata +tzdata-java +ucs-miscfixed-fonts +ucx +udftools +udisks2 +udisks2-iscsi +udisks2-lsm +udisks2-lvm2 +unbound +unbound-libs +unique3 +unique3-devel +unit-api +units +unixODBC +unixODBC-devel +unoconv +unzip +uom-lib +uom-se +uom-systems +upower +urlview +urw-base35-bookman-fonts +urw-base35-c059-fonts +urw-base35-d050000l-fonts +urw-base35-fonts +urw-base35-fonts-common +urw-base35-gothic-fonts +urw-base35-nimbus-mono-ps-fonts +urw-base35-nimbus-roman-fonts +urw-base35-nimbus-sans-fonts +urw-base35-p052-fonts +urw-base35-standard-symbols-ps-fonts +urw-base35-z003-fonts +urw-fonts +usbguard +usb_modeswitch +usb_modeswitch-data +usbmuxd +usbredir +usbutils +usermode +usermode-gtk +usnic-tools +ustr +util-linux +uuid +uuidd +valgrind +vdo +velocity +vemana2000-fonts +vim-common +vim-enhanced +vim-filesystem +vim-minimal +vim-X11 +vinagre +vino +virt-install +virtio-win +virt-manager +virt-manager-common +virt-p2v-maker +virt-top +virtuoso-opensource +virt-v2v +virt-viewer +virt-what +virt-who +vlgothic-fonts +vlgothic-p-fonts +volume_key +volume_key-libs +vorbis-tools +vsftpd +vte291 +vte3 +vte-profile +watchdog +wavpack +wayland-devel +wayland-protocols-devel +webkitgtk3 +webkitgtk4 +webkitgtk4-devel +webkitgtk4-jsc +webkitgtk4-jsc-devel +webrtc-audio-processing +wget +which +whois +wireshark +wireshark-gnome +wodim +words +wpa_supplicant +wqy-microhei-fonts +wqy-unibit-fonts +wqy-zenhei-fonts +ws-jaxme +wsmancli +wvdial +x3270 +x3270-text +x3270-x11 +x86info +xalan-j2 +xcb-util +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xchat +xdelta +xdg-desktop-portal +xdg-desktop-portal-gtk +xdg-user-dirs +xdg-user-dirs-gtk +xdg-utils +xerces-c +xerces-j2 +xferstats +xfsdump +xfsprogs +xguest +xinetd +xkeyboard-config +xml-common +xml-commons-apis +xml-commons-resolver +xmlrpc-c +xmlrpc-c-client +xmlsec1 +xmlsec1-openssl +xmlto +xmltoman +xmlto-tex +xorg-x11-apps +xorg-x11-docs +xorg-x11-drivers +xorg-x11-drv-ati +xorg-x11-drv-dummy +xorg-x11-drv-evdev +xorg-x11-drv-fbdev +xorg-x11-drv-intel +xorg-x11-drv-keyboard +xorg-x11-drv-libinput +xorg-x11-drv-mouse +xorg-x11-drv-nouveau +xorg-x11-drv-openchrome +xorg-x11-drv-qxl +xorg-x11-drv-synaptics +xorg-x11-drv-v4l +xorg-x11-drv-vesa +xorg-x11-drv-vmmouse +xorg-x11-drv-vmware +xorg-x11-drv-void +xorg-x11-drv-wacom +xorg-x11-fonts-100dpi +xorg-x11-fonts-75dpi +xorg-x11-fonts-cyrillic +xorg-x11-fonts-ethiopic +xorg-x11-fonts-ISO8859-1-100dpi +xorg-x11-fonts-ISO8859-14-100dpi +xorg-x11-fonts-ISO8859-14-75dpi +xorg-x11-fonts-ISO8859-15-75dpi +xorg-x11-fonts-ISO8859-1-75dpi +xorg-x11-fonts-ISO8859-2-100dpi +xorg-x11-fonts-ISO8859-2-75dpi +xorg-x11-fonts-ISO8859-9-100dpi +xorg-x11-fonts-ISO8859-9-75dpi +xorg-x11-fonts-misc +xorg-x11-fonts-Type1 +xorg-x11-font-utils +xorg-x11-proto-devel +xorg-x11-server-common +xorg-x11-server-utils +xorg-x11-server-Xephyr +xorg-x11-server-Xorg +xorg-x11-utils +xorg-x11-xauth +xorg-x11-xbitmaps +xorg-x11-xinit +xorg-x11-xkb-utils +xorriso +xpp3 +xrestop +xsane-common +xsane-gimp +xsettings-kde +xsom +xterm +xulrunner +xvattr +xz +xz-devel +xz-libs +yaboot +yajl +yelp +yelp-libs +yelp-tools +yelp-xsl +ypbind +ypserv +yp-tools +yum +yum-cron +yum-langpacks +yum-metadata-parser +yum-plugin-aliases +yum-plugin-changelog +yum-plugin-ovl +yum-plugin-tmprepo +yum-plugin-verify +yum-plugin-versionlock +yum-rhn-plugin +yum-utils +zenity +zip +zlib +zlib-devel +zsh +zziplib diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base_security_api_results.json new file mode 100644 index 0000000..88b41f6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/389-ds-base_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-14824","severity":"important","public_date":"2019-11-04T09:14:00Z","advisories":["RHSA-2019:3401","RHSA-2020:0464","RHSA-2019:3981"],"bugzilla":"1747448","bugzilla_description":"CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["389-ds:1.4-8000020191107193846.187e9a3f","389-ds:1.4-8010020190903200205.eb48df33","389-ds-base-0:1.3.9.1-12.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14824.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-10171","severity":"important","public_date":"2019-06-19T00:00:00Z","advisories":["RHSA-2019:1789"],"bugzilla":"1722081","bugzilla_description":"CVE-2019-10171 389-ds-base: Insufficient fix for CVE-2018-14648 denial of service in RHEL-7.5","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["389-ds-base-0:1.3.7.5-30.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10171.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-3883","severity":"moderate","public_date":"2019-04-12T00:00:00Z","advisories":["RHSA-2019:3401","RHSA-2019:1896"],"bugzilla":"1693612","bugzilla_description":"CVE-2019-3883 389-ds-base: DoS via hanging secured connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["389-ds-base-0:1.3.8.4-25.1.el7_6","389-ds:1.4-8010020190903200205.eb48df33"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3883.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-10224","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":["RHSA-2019:3401"],"bugzilla":"1677147","bugzilla_description":"CVE-2019-10224 389-ds-base: using dscreate in verbose mode results in information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-522","affected_packages":["389-ds:1.4-8010020190903200205.eb48df33"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-14648","severity":"moderate","public_date":"2018-09-21T00:00:00Z","advisories":["RHSA-2018:3507","RHSA-2018:3127"],"bugzilla":"1630668","bugzilla_description":"CVE-2018-14648 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["389-ds-base-0:1.3.8.4-15.el7","389-ds-base-0:1.3.7.5-29.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14648.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14624","severity":"moderate","public_date":"2018-08-31T00:36:00Z","advisories":["RHSA-2018:2757"],"bugzilla":"1619450","bugzilla_description":"CVE-2018-14624 389-ds-base: Server crash through modify command with large DN","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["389-ds-base-0:1.3.7.5-28.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14624.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14638","severity":"moderate","public_date":"2018-08-30T00:00:00Z","advisories":["RHSA-2018:2757"],"bugzilla":"1626079","bugzilla_description":"CVE-2018-14638 389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["389-ds-base-0:1.3.7.5-28.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14638.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-10935","severity":"moderate","public_date":"2018-07-22T00:00:00Z","advisories":["RHSA-2018:2757"],"bugzilla":"1613606","bugzilla_description":"CVE-2018-10935 389-ds-base: ldapsearch with server side sort allows users to cause a crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["389-ds-base-0:1.3.7.5-28.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10935.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-10871","severity":"moderate","public_date":"2018-06-18T00:00:00Z","advisories":["RHSA-2019:3401"],"bugzilla":"1591480","bugzilla_description":"CVE-2018-10871 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-312","affected_packages":["389-ds:1.4-8010020190903200205.eb48df33"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10871.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"3.8"},{"CVE":"CVE-2018-10850","severity":"moderate","public_date":"2018-06-06T00:00:00Z","advisories":["RHSA-2018:2757"],"bugzilla":"1588056","bugzilla_description":"CVE-2018-10850 389-ds-base: race condition on reference counter leads to DoS using persistent search","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["389-ds-base-0:1.3.7.5-28.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10850.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-1089","severity":"important","public_date":"2018-05-07T15:00:00Z","advisories":["RHSA-2018:1380","RHSA-2018:1364"],"bugzilla":"1559802","bugzilla_description":"CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["389-ds-base-0:1.2.11.15-95.el6_9","389-ds-base-0:1.3.7.5-21.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1089.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-1054","severity":"important","public_date":"2018-03-05T00:00:00Z","advisories":["RHSA-2018:0515","RHSA-2018:0414"],"bugzilla":"1537314","bugzilla_description":"CVE-2018-1054 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["389-ds-base-0:1.2.11.15-94.el6_9","389-ds-base-0:1.3.6.1-28.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1054.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-15135","severity":"moderate","public_date":"2018-01-22T00:00:00Z","advisories":["RHSA-2018:0515","RHSA-2018:0414"],"bugzilla":"1525628","bugzilla_description":"CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["389-ds-base-0:1.2.11.15-94.el6_9","389-ds-base-0:1.3.6.1-28.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15135.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.6"},{"CVE":"CVE-2017-15134","severity":"important","public_date":"2018-01-22T00:00:00Z","advisories":["RHSA-2018:0163"],"bugzilla":"1531573","bugzilla_description":"CVE-2017-15134 389-ds-base: Remote DoS via search filters in slapi_filter_sprintf in slapd/util.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["389-ds-base-0:1.3.6.1-26.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15134.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7551","severity":"moderate","public_date":"2017-07-31T00:00:00Z","advisories":["RHSA-2017:2569"],"bugzilla":"1477669","bugzilla_description":"CVE-2017-7551 389-ds-base: Password brute-force possible for locked account due to different return codes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":["389-ds-base-0:1.3.6.1-19.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7551.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-2668","severity":"important","public_date":"2017-04-10T00:00:00Z","advisories":["RHSA-2017:0920","RHSA-2017:0893"],"bugzilla":"1436575","bugzilla_description":"CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["389-ds-base-0:1.2.11.15-91.el6_9","389-ds-base-0:1.3.5.10-20.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2668.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-5405","severity":"low","public_date":"2016-10-26T00:00:00Z","advisories":["RHSA-2016:2594","RHSA-2016:2765"],"bugzilla":"1358865","bugzilla_description":"CVE-2016-5405 389-ds-base: Password verification vulnerable to timing attack","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-385","affected_packages":["389-ds-base-0:1.3.5.10-11.el7","389-ds-base-0:1.2.11.15-84.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5405.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2017-2591","severity":"low","public_date":"2016-09-13T00:00:00Z","advisories":[],"bugzilla":"1381481","bugzilla_description":"CVE-2017-2591 389-ds-base: Heap buffer overflow in uiduniq.c","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2591.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2016-4992","severity":"low","public_date":"2016-06-17T00:00:00Z","advisories":["RHSA-2016:2594","RHSA-2016:2765"],"bugzilla":"1347760","bugzilla_description":"CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-209","affected_packages":["389-ds-base-0:1.3.5.10-11.el7","389-ds-base-0:1.2.11.15-84.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4992.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-5416","severity":"moderate","public_date":"2016-05-25T00:00:00Z","advisories":["RHSA-2016:2594","RHSA-2016:2765"],"bugzilla":"1349540","bugzilla_description":"CVE-2016-5416 389-ds-base: ACI readable by anonymous user","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["389-ds-base-0:1.3.5.10-11.el7","389-ds-base-0:1.2.11.15-84.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5416.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-0741","severity":"important","public_date":"2016-01-15T00:00:00Z","advisories":["RHSA-2016:0204"],"bugzilla":"1299416","bugzilla_description":"CVE-2016-0741 389-ds-base: worker threads do not detect abnormally closed connections causing DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-772->CWE-835","affected_packages":["389-ds-base-0:1.3.4.0-26.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0741.json"},{"CVE":"CVE-2015-3230","severity":"moderate","public_date":"2015-06-09T00:00:00Z","advisories":["RHBA-2015:1554"],"bugzilla":"1232096","bugzilla_description":"CVE-2015-3230 389-ds-base: nsSSL3Ciphers preference not enforced server side (regression)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-665->CWE-327","affected_packages":["389-ds-base-0:1.3.3.1-20.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3230.json"},{"CVE":"CVE-2015-1854","severity":"important","public_date":"2015-04-28T00:00:00Z","advisories":["RHSA-2015:0895"],"bugzilla":"1209573","bugzilla_description":"CVE-2015-1854 389-ds-base: access control bypass with modrdn","cvss_score":4.8,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:P/A:P","CWE":"CWE-697->CWE-863","affected_packages":["389-ds-base-0:1.3.3.1-16.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1854.json"},{"CVE":"CVE-2014-8105","severity":"important","public_date":"2015-03-05T00:00:00Z","advisories":["RHSA-2015:0416","RHSA-2015:0628"],"bugzilla":"1167858","bugzilla_description":"CVE-2014-8105 389-ds-base: information disclosure through 'cn=changelog' subtree","cvss_score":5.8,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-862->CWE-200","affected_packages":["389-ds-base-0:1.3.3.1-13.el7","389-ds-base-0:1.2.11.15-50.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8105.json"},{"CVE":"CVE-2014-8112","severity":"low","public_date":"2015-03-05T00:00:00Z","advisories":["RHSA-2015:0416"],"bugzilla":"1172729","bugzilla_description":"CVE-2014-8112 389-ds-base: password hashing bypassed when \"nsslapd-unhashed-pw-switch\" is set to off","cvss_score":1.4,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:N/A:N","CWE":"CWE-522","affected_packages":["389-ds-base-0:1.3.3.1-13.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8112.json"},{"CVE":"CVE-2014-3562","severity":"important","public_date":"2014-08-07T00:00:00Z","advisories":["RHSA-2014:1032","RHSA-2014:1031"],"bugzilla":"1123477","bugzilla_description":"CVE-2014-3562 389-ds: unauthenticated information disclosure","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-862->CWE-201","affected_packages":["389-ds-base-0:1.3.1.6-26.el7_0","redhat-ds-base-0:8.2.11-15.el5dsrv","389-ds-base-0:1.2.11.15-34.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3562.json"},{"CVE":"CVE-2014-0132","severity":"important","public_date":"2014-03-13T00:00:00Z","advisories":["RHSA-2014:0292"],"bugzilla":"1074845","bugzilla_description":"CVE-2014-0132 389-ds: flaw in parsing authzid can lead to privilege escalation","cvss_score":6.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:P/A:P","CWE":"CWE-290","affected_packages":["389-ds-base-0:1.2.11.15-32.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0132.json"},{"CVE":"CVE-2013-4485","severity":"important","public_date":"2013-11-21T00:00:00Z","advisories":["RHSA-2013:1753","RHSA-2013:1752"],"bugzilla":"1024552","bugzilla_description":"CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["389-ds-base-0:1.2.11.15-30.el6_5","redhat-ds-base-0:8.2.11-14.el5dsrv"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4485.json"},{"CVE":"CVE-2013-4283","severity":"important","public_date":"2013-08-28T00:00:00Z","advisories":["RHSA-2013:1182"],"bugzilla":"999634","bugzilla_description":"CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["389-ds-base-0:1.2.11.15-22.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4283.json"},{"CVE":"CVE-2013-2219","severity":"moderate","public_date":"2013-07-29T00:00:00Z","advisories":["RHSA-2013:1119","RHSA-2013:1116"],"bugzilla":"979508","bugzilla_description":"CVE-2013-2219 Directory Server: ACLs inoperative in some search scenarios","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["redhat-ds-base-0:8.2.11-13.el5dsrv","389-ds-base-0:1.2.11.15-20.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2219.json"},{"CVE":"CVE-2013-1897","severity":"low","public_date":"2013-03-28T00:00:00Z","advisories":["RHSA-2013:0742"],"bugzilla":"928105","bugzilla_description":"CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["389-ds-base-0:1.2.11.15-14.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1897.json"},{"CVE":"CVE-2013-0336","severity":"moderate","public_date":"2013-03-27T00:00:00Z","advisories":[],"bugzilla":"913751","bugzilla_description":"CVE-2013-0336 389-ds-base: DoS when connecting with a missing username/dn","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0336.json"},{"CVE":"CVE-2013-0312","severity":"moderate","public_date":"2013-03-11T00:00:00Z","advisories":["RHSA-2013:0628"],"bugzilla":"912964","bugzilla_description":"CVE-2013-0312 389-ds: unauthenticated denial of service vulnerability in handling of LDAPv3 control data","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["389-ds-base-0:1.2.11.15-12.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0312.json"},{"CVE":"CVE-2012-2678","severity":"moderate","public_date":"2012-06-20T00:00:00Z","advisories":["RHSA-2012:0997","RHSA-2012:1041"],"bugzilla":"829933","bugzilla_description":"CVE-2012-2678 rhds/389: plaintext password disclosure flaw","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["389-ds-base-0:1.2.10.2-18.el6_3","redhat-ds-base-0:8.2.10-3.el5dsrv"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2678.json"},{"CVE":"CVE-2012-2746","severity":"low","public_date":"2012-05-10T00:00:00Z","advisories":["RHSA-2012:0997","RHSA-2012:1041"],"bugzilla":"833482","bugzilla_description":"CVE-2012-2746 rhds/389: plaintext password disclosure in audit log","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["389-ds-base-0:1.2.10.2-18.el6_3","redhat-ds-base-0:8.2.10-3.el5dsrv"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2746.json"},{"CVE":"CVE-2012-4450","severity":"moderate","public_date":"2012-04-16T00:00:00Z","advisories":["RHSA-2013:0503"],"bugzilla":"860603","bugzilla_description":"CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["389-ds-base-0:1.2.11.15-11.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4450.json"},{"CVE":"CVE-2012-0833","severity":"low","public_date":"2012-01-05T00:00:00Z","advisories":["RHSA-2012:0813","RHSA-2013:0549"],"bugzilla":"787014","bugzilla_description":"CVE-2012-0833 389: denial of service when using certificate groups","cvss_score":1.4,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["389-ds-base-0:1.2.10.2-15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0833.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ElectricFence_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ElectricFence_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ElectricFence_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GConf2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GConf2_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GConf2_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GeoIP_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GeoIP_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/GeoIP_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-c++_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-c++_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-c++_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-perl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-perl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick-perl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick_security_api_results.json new file mode 100644 index 0000000..3a6aa31 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ImageMagick_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-27560","severity":"low","public_date":"2020-10-18T00:00:00Z","advisories":[],"bugzilla":"1890687","bugzilla_description":"CVE-2020-27560 ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27560.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2012-1610","severity":"moderate","public_date":"2020-07-31T00:00:00Z","advisories":[],"bugzilla":"1868354","bugzilla_description":"CVE-2012-1610 ImageMagick: integer overflow in the GetEXIFProperty function in magick/property.c could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1610.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13902","severity":"moderate","public_date":"2020-06-07T00:00:00Z","advisories":[],"bugzilla":"1849028","bugzilla_description":"CVE-2020-13902 ImageMagick: heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13902.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2020-10251","severity":"moderate","public_date":"2020-03-03T00:00:00Z","advisories":[],"bugzilla":"1813322","bugzilla_description":"CVE-2020-10251 ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10251.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-19952","severity":"moderate","public_date":"2019-12-23T00:00:00Z","advisories":[],"bugzilla":"1792465","bugzilla_description":"CVE-2019-19952 ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19952.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2019-19949","severity":"low","public_date":"2019-12-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1792480","bugzilla_description":"CVE-2019-19949 ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19949.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-19948","severity":"moderate","public_date":"2019-12-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1793177","bugzilla_description":"CVE-2019-19948 ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19948.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2014-8561","severity":"low","public_date":"2019-11-14T00:00:00Z","advisories":[],"bugzilla":"1777543","bugzilla_description":"CVE-2014-8561 ImageMagick: convert +profile regression enters infinite loop exhausting memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8561.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-18853","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":[],"bugzilla":"1820568","bugzilla_description":"CVE-2019-18853 ImageMagick: XML_PARSE_HUGE not properly restricted in coders/svg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18853.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-16709","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801661","bugzilla_description":"CVE-2019-16709 ImageMagick: memory leak in coders/dps.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16709.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-16708","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801665","bugzilla_description":"CVE-2019-16708 ImageMagick: memory leak in magick/xwindow.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16708.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-16710","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801667","bugzilla_description":"CVE-2019-16710 ImageMagick: memory leak in coders/dot.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-16711","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801673","bugzilla_description":"CVE-2019-16711 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16711.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-16712","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801674","bugzilla_description":"CVE-2019-16712 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16712.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-16713","severity":"low","public_date":"2019-09-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1801681","bugzilla_description":"CVE-2019-16713 ImageMagick: memory leak in coders/dot.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16713.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-17547","severity":"moderate","public_date":"2019-08-18T00:00:00Z","advisories":[],"bugzilla":"1767041","bugzilla_description":"CVE-2019-17547 ImageMagick: use-after-free in TraceBezier function in MagickCore/draw.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17547.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-13302","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1730571","bugzilla_description":"CVE-2019-13302 ImageMagick: heap-based buffer over-read in MagickCore/fourier.c in ComplexImages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13302.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2019-13301","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730575","bugzilla_description":"CVE-2019-13301 ImageMagick: memory leaks in AcquireMagickMemory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13301.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-13300","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730580","bugzilla_description":"CVE-2019-13300 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13300.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13299","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1730583","bugzilla_description":"CVE-2019-13299 ImageMagick: heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13299.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2019-13298","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1730590","bugzilla_description":"CVE-2019-13298 ImageMagick: heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13298.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13297","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730596","bugzilla_description":"CVE-2019-13297 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13297.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2019-13296","severity":"low","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1730599","bugzilla_description":"CVE-2019-13296 ImageMagick: direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13296.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-13295","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730604","bugzilla_description":"CVE-2019-13295 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13295.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2019-13311","severity":"low","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730329","bugzilla_description":"CVE-2019-13311 ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13311.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-13310","severity":"low","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730333","bugzilla_description":"CVE-2019-13310 ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13310.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-13309","severity":"low","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730337","bugzilla_description":"CVE-2019-13309 ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13309.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-13308","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":[],"bugzilla":"1730342","bugzilla_description":"CVE-2019-13308 ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13308.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13307","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730351","bugzilla_description":"CVE-2019-13307 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13307.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-13306","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730357","bugzilla_description":"CVE-2019-13306 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13306.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13305","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730361","bugzilla_description":"CVE-2019-13305 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13305.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13304","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1730364","bugzilla_description":"CVE-2019-13304 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13304.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13303","severity":"moderate","public_date":"2019-07-16T00:00:00Z","advisories":[],"bugzilla":"1730368","bugzilla_description":"CVE-2019-13303 ImageMagick: heap-based buffer over-read in MagickCore/composite.c in CompositeImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13303.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17540","severity":"moderate","public_date":"2019-07-14T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1765330","bugzilla_description":"CVE-2019-17540 ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17540.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17541","severity":"moderate","public_date":"2019-07-14T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1767087","bugzilla_description":"CVE-2019-17541 ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17541.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-13454","severity":"low","public_date":"2019-07-09T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1728474","bugzilla_description":"CVE-2019-13454 ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13454.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-12974","severity":"moderate","public_date":"2019-06-26T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1732278","bugzilla_description":"CVE-2019-12974 imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12974.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-12975","severity":"low","public_date":"2019-06-26T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1732282","bugzilla_description":"CVE-2019-12975 imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12975.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-12976","severity":"low","public_date":"2019-06-26T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1732284","bugzilla_description":"CVE-2019-12976 imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12976.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-12977","severity":"moderate","public_date":"2019-06-26T00:00:00Z","advisories":[],"bugzilla":"1732289","bugzilla_description":"CVE-2019-12977 imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12977.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-12978","severity":"moderate","public_date":"2019-06-26T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1732292","bugzilla_description":"CVE-2019-12978 imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12978.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-12979","severity":"moderate","public_date":"2019-06-26T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1732294","bugzilla_description":"CVE-2019-12979 imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12979.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-13133","severity":"low","public_date":"2019-06-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1726078","bugzilla_description":"CVE-2019-13133 ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13133.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-13134","severity":"low","public_date":"2019-06-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1726081","bugzilla_description":"CVE-2019-13134 ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13134.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-13137","severity":"low","public_date":"2019-06-19T00:00:00Z","advisories":[],"bugzilla":"1726084","bugzilla_description":"CVE-2019-13137 ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13137.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-13135","severity":"moderate","public_date":"2019-06-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1726104","bugzilla_description":"CVE-2019-13135 ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13135.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2019-13136","severity":"moderate","public_date":"2019-06-19T00:00:00Z","advisories":[],"bugzilla":"1726124","bugzilla_description":"CVE-2019-13136 ImageMagick: an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13136.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2019-13391","severity":"low","public_date":"2019-06-11T00:00:00Z","advisories":[],"bugzilla":"1727739","bugzilla_description":"CVE-2019-13391 ImageMagick: heap-based buffer over-read in MagickCore/fourier.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13391.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-10131","severity":"low","public_date":"2019-04-30T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1704762","bugzilla_description":"CVE-2019-10131 ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10131.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2019-15141","severity":"moderate","public_date":"2019-04-28T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1767802","bugzilla_description":"CVE-2019-15141 ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-122","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15141.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-11597","severity":"moderate","public_date":"2019-04-27T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1705406","bugzilla_description":"CVE-2019-11597 ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11597.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-15140","severity":"moderate","public_date":"2019-04-27T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1767828","bugzilla_description":"CVE-2019-15140 ImageMagick: Use after free in ReadMATImage in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15140.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-14980","severity":"low","public_date":"2019-04-21T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1757779","bugzilla_description":"CVE-2019-14980 ImageMagick: use-after-free in magick/blob.c resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14980.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2019-15139","severity":"moderate","public_date":"2019-04-20T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1767812","bugzilla_description":"CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15139.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-14981","severity":"low","public_date":"2019-04-18T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1757911","bugzilla_description":"CVE-2019-14981 ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14981.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-11472","severity":"low","public_date":"2019-04-14T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1707768","bugzilla_description":"CVE-2019-11472 ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-248","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11472.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-11598","severity":"moderate","public_date":"2019-04-08T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1705414","bugzilla_description":"CVE-2019-11598 ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11598.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2019-10649","severity":"low","public_date":"2019-03-28T00:00:00Z","advisories":[],"bugzilla":"1700417","bugzilla_description":"CVE-2019-10649 ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-400|CWE-772)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10649.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-10650","severity":"low","public_date":"2019-03-28T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1700755","bugzilla_description":"CVE-2019-10650 ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-200","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10650.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-9956","severity":"moderate","public_date":"2019-03-22T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1692300","bugzilla_description":"CVE-2019-9956 imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9956.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-10714","severity":"moderate","public_date":"2019-03-04T00:00:00Z","advisories":[],"bugzilla":"1695477","bugzilla_description":"CVE-2019-10714 ImageMagick: out-of-bounds access in function LocaleLowercase in MagickCore/locale.c leads to SIGSEGV","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10714.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-11470","severity":"low","public_date":"2019-02-05T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1707770","bugzilla_description":"CVE-2019-11470 ImageMagick: denial of service in cineon parsing component","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11470.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-7398","severity":"low","public_date":"2019-01-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1672560","bugzilla_description":"CVE-2019-7398 ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7398.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-7397","severity":"low","public_date":"2019-01-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1672564","bugzilla_description":"CVE-2019-7397 ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-7396","severity":"low","public_date":"2019-01-17T00:00:00Z","advisories":[],"bugzilla":"1672567","bugzilla_description":"CVE-2019-7396 ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7396.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-7395","severity":"low","public_date":"2019-01-17T00:00:00Z","advisories":[],"bugzilla":"1672576","bugzilla_description":"CVE-2019-7395 ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7395.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-7175","severity":"low","public_date":"2019-01-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1687436","bugzilla_description":"CVE-2019-7175 imagemagick: memory leak in function DecodeImage in coders/pcd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7175.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-20467","severity":"low","public_date":"2018-12-06T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1664845","bugzilla_description":"CVE-2018-20467 ImageMagick: infinite loop in coders/bmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20467.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-18544","severity":"low","public_date":"2018-10-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1642614","bugzilla_description":"CVE-2018-18544 ImageMagick: memory leak in WriteMSLImage of coders/msl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18544.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-18023","severity":"low","public_date":"2018-10-05T00:00:00Z","advisories":[],"bugzilla":"1637186","bugzilla_description":"CVE-2018-18023 ImageMagick: heap-based buffer over-read in the SVGStripString function of coders/svg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18023.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-18024","severity":"low","public_date":"2018-10-05T00:00:00Z","advisories":[],"bugzilla":"1637189","bugzilla_description":"CVE-2018-18024 ImageMagick: infinite loop in the ReadBMPImage function of the coders/bmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18024.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-18025","severity":"low","public_date":"2018-10-05T00:00:00Z","advisories":[],"bugzilla":"1637191","bugzilla_description":"CVE-2018-18025 ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18025.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16749","severity":"low","public_date":"2018-09-11T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1627916","bugzilla_description":"CVE-2018-16749 ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16749.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16750","severity":"low","public_date":"2018-09-11T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1627917","bugzilla_description":"CVE-2018-16750 ImageMagick: Memory leak in the formatIPTCfromBuffer function in coders/meta.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16750.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16644","severity":"low","public_date":"2018-08-27T00:00:00Z","advisories":[],"bugzilla":"1626606","bugzilla_description":"CVE-2018-16644 ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16644.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16645","severity":"low","public_date":"2018-08-27T00:00:00Z","advisories":[],"bugzilla":"1626611","bugzilla_description":"CVE-2018-16645 ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16645.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-15607","severity":"low","public_date":"2018-08-21T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1622738","bugzilla_description":"CVE-2018-15607 ImageMagick: CPU Exhaustion via crafted input file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15607.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16412","severity":"low","public_date":"2018-08-19T00:00:00Z","advisories":[],"bugzilla":"1625429","bugzilla_description":"CVE-2018-16412 ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16412.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16413","severity":"low","public_date":"2018-08-19T00:00:00Z","advisories":[],"bugzilla":"1625430","bugzilla_description":"CVE-2018-16413 ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16413.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16323","severity":"low","public_date":"2018-07-24T00:00:00Z","advisories":[],"bugzilla":"1624964","bugzilla_description":"CVE-2018-16323 ImageMagick: Information leak in ReadXBMImage in coders/xbm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16323.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-16328","severity":"low","public_date":"2018-07-23T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1624955","bugzilla_description":"CVE-2018-16328 ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16328.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-16329","severity":"low","public_date":"2018-07-23T00:00:00Z","advisories":[],"bugzilla":"1624957","bugzilla_description":"CVE-2018-16329 ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16329.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-14551","severity":"low","public_date":"2018-07-20T00:00:00Z","advisories":[],"bugzilla":"1610620","bugzilla_description":"CVE-2018-14551 ImageMagick: Uninitialized variable in coders/mat.c:ReadMATImageV4() allows for memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14551.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-16641","severity":"low","public_date":"2018-07-12T00:00:00Z","advisories":[],"bugzilla":"1626585","bugzilla_description":"CVE-2018-16641 ImageMagick: memory leak in TIFFWritePhotoshopLayers function in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16641.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16640","severity":"low","public_date":"2018-07-06T00:00:00Z","advisories":[],"bugzilla":"1626570","bugzilla_description":"CVE-2018-16640 ImageMagick: memory leak in ReadOneJNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16640.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16643","severity":"low","public_date":"2018-07-05T00:00:00Z","advisories":[],"bugzilla":"1626599","bugzilla_description":"CVE-2018-16643 ImageMagick: missing check for fputc function in multiple files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16643.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-13153","severity":"low","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1598471","bugzilla_description":"CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in MagickCore/animate.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13153.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2018-14434","severity":"low","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1609933","bugzilla_description":"CVE-2018-14434 ImageMagick: memory leak for a colormap in WriteMPCImage in coders/mpc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14434.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-14435","severity":"low","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1609936","bugzilla_description":"CVE-2018-14435 ImageMagick: memory leak in DecodeImage in coders/pcd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14435.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2018-14436","severity":"low","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1609939","bugzilla_description":"CVE-2018-14436 ImageMagick: memory leak in ReadMIFFImage in coders/miff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14436.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-14437","severity":"low","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1609942","bugzilla_description":"CVE-2018-14437 ImageMagick: memory leak in parse8BIM in coders/meta.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14437.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-12599","severity":"moderate","public_date":"2018-06-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1594338","bugzilla_description":"CVE-2018-12599 ImageMagick: out of bounds write in ReadBMPImage and WriteBMPImage in coders/bmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12599.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-12600","severity":"moderate","public_date":"2018-06-19T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1594339","bugzilla_description":"CVE-2018-12600 ImageMagick: out of bounds write ReadDIBImage and WriteDIBImage in coders/dib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12600.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16642","severity":"moderate","public_date":"2018-06-01T00:00:00Z","advisories":[],"bugzilla":"1626591","bugzilla_description":"CVE-2018-16642 ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16642.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-11625","severity":"low","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1584904","bugzilla_description":"CVE-2018-11625 ImageMagick: heap-based buffer over-read in SetGrayscaleImage in the quantize.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11625.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-11624","severity":"low","public_date":"2018-05-29T00:00:00Z","advisories":[],"bugzilla":"1584898","bugzilla_description":"CVE-2018-11624 ImageMagick: use after free in ReadMATImage function in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11624.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-10177","severity":"low","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1572044","bugzilla_description":"CVE-2018-10177 ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10177.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-9133","severity":"low","public_date":"2018-03-29T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1563875","bugzilla_description":"CVE-2018-9133 ImageMagick: excessive iteration in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9133.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-10805","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1577398","bugzilla_description":"CVE-2018-10805 ImageMagick: Memory leak in ReadYCBCRImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10805.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-10804","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1577399","bugzilla_description":"CVE-2018-10804 ImageMagick: Memory leak in WriteTIFFImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10804.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-18016","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":[],"bugzilla":"1636579","bugzilla_description":"CVE-2018-18016 ImageMagick: memory leak in WritePCXImage in coders/pcx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18016.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-17966","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":[],"bugzilla":"1636587","bugzilla_description":"CVE-2018-17966 ImageMagick: memory leak in WritePDBImage in coders/pdb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17966.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-17967","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":[],"bugzilla":"1636590","bugzilla_description":"CVE-2018-17967 ImageMagick: memory leak in ReadBGRImage in coders/bgr.c.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17967.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-17965","severity":"low","public_date":"2018-03-24T00:00:00Z","advisories":[],"bugzilla":"1636592","bugzilla_description":"CVE-2018-17965 ImageMagick: memory leak in WriteSGIImage in coders/sgi.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17965.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-8804","severity":"low","public_date":"2018-03-15T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1559892","bugzilla_description":"CVE-2018-8804 ImageMagick: double free in WriteEPTImage function in coders/ept.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8804.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-8960","severity":"low","public_date":"2018-03-13T00:00:00Z","advisories":[],"bugzilla":"1561190","bugzilla_description":"CVE-2018-8960 ImageMagick: heap-buffer-overflow in ReadTIFFImage function in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8960.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-9135","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1563889","bugzilla_description":"CVE-2018-9135 ImageMagick: Heap-based buffer over-read in coders/webp.c:IsWEBPImageLossless()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9135.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7443","severity":"low","public_date":"2018-02-23T00:00:00Z","advisories":[],"bugzilla":"1549668","bugzilla_description":"CVE-2018-7443 ImageMagick: Memory allocation failure in ReadTIFFImage function in memory.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7443.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7470","severity":"low","public_date":"2018-02-23T00:00:00Z","advisories":[],"bugzilla":"1549786","bugzilla_description":"CVE-2018-7470 ImageMagick: denial of service (DoS) in IsWEBPImageLossless function in coders/webp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7470.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6876","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1544777","bugzilla_description":"CVE-2018-6876 ImageMagick: Stack-based buffer under-read in ole/oleprop.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6876.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6405","severity":"low","public_date":"2018-01-31T00:00:00Z","advisories":[],"bugzilla":"1541866","bugzilla_description":"CVE-2018-6405 ImageMagick: Memory leak in coders/dcm.c:ReadDCMImage can allow for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6405.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6930","severity":"low","public_date":"2018-01-31T00:00:00Z","advisories":[],"bugzilla":"1544789","bugzilla_description":"CVE-2018-6930 ImageMagick: Stack-based buffer over-read in the ComputeResizeImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6930.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-11251","severity":"low","public_date":"2018-01-23T00:00:00Z","advisories":[],"bugzilla":"1581493","bugzilla_description":"CVE-2018-11251 ImageMagick: heap-based buffer over-read in ReadSUNImage in coders/sun.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11251.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5357","severity":"moderate","public_date":"2018-01-15T00:00:00Z","advisories":[],"bugzilla":"1534382","bugzilla_description":"CVE-2018-5357 ImageMagick: memory leak in coders/dcm.c:ReadDCImage can cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5357.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-5358","severity":"moderate","public_date":"2018-01-12T00:00:00Z","advisories":[],"bugzilla":"1534380","bugzilla_description":"CVE-2018-5358 ImageMagick: memory leak in coders/json.c:EncodeImageAttributes could cause crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5358.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-5246","severity":"low","public_date":"2018-01-04T00:00:00Z","advisories":[],"bugzilla":"1533546","bugzilla_description":"CVE-2018-5246 ImageMagick: Memory Leak in ReadPATTERNImage in coders/pattern.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5246.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-5247","severity":"low","public_date":"2018-01-04T00:00:00Z","advisories":[],"bugzilla":"1533553","bugzilla_description":"CVE-2018-5247 ImageMagick: Memory Leak in ReadRLAImage in coders/rla.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5247.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-5248","severity":"low","public_date":"2018-01-04T00:00:00Z","advisories":[],"bugzilla":"1533568","bugzilla_description":"CVE-2018-5248 ImageMagick: Heap-based buffer over-read in the ReadSIXELImage function in coders/sixel.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5248.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-11655","severity":"low","public_date":"2018-01-04T00:00:00Z","advisories":[],"bugzilla":"1588165","bugzilla_description":"CVE-2018-11655 ImageMagick: memory leak in GetImagePixelCache function in MagickCore/cache.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11655.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-11656","severity":"low","public_date":"2018-01-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1588170","bugzilla_description":"CVE-2018-11656 ImageMagick: memory leak in ReadDCMImage function in coders/dcm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11656.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-1000445","severity":"moderate","public_date":"2018-01-02T00:00:00Z","advisories":[],"bugzilla":"1531351","bugzilla_description":"CVE-2017-1000445 imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000445.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-18008","severity":"low","public_date":"2017-12-27T00:00:00Z","advisories":[],"bugzilla":"1531257","bugzilla_description":"CVE-2017-18008 ImageMagick: Memory Leak in ReadPWPImage in coders/pwp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18008.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2017-17934","severity":"low","public_date":"2017-12-26T00:00:00Z","advisories":[],"bugzilla":"1529585","bugzilla_description":"CVE-2017-17934 ImageMagick: memory leaks in coders/msl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17934.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-18272","severity":"low","public_date":"2017-12-25T00:00:00Z","advisories":[],"bugzilla":"1581485","bugzilla_description":"CVE-2017-18272 ImageMagick: use-after-free in ReadOneMNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18272.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17879","severity":"low","public_date":"2017-12-24T00:00:00Z","advisories":[],"bugzilla":"1529170","bugzilla_description":"CVE-2017-17879 ImageMagick: Heap-based buffer over-read in ReadOneMNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17879.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17880","severity":"low","public_date":"2017-12-22T00:00:00Z","advisories":[],"bugzilla":"1529316","bugzilla_description":"CVE-2017-17880 ImageMagick: stack-based buffer over-read in WriteWEBPImage in coders/webp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17880.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-17914","severity":"low","public_date":"2017-12-22T00:00:00Z","advisories":[],"bugzilla":"1529550","bugzilla_description":"CVE-2017-17914 ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17914.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18271","severity":"low","public_date":"2017-12-22T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1581486","bugzilla_description":"CVE-2017-18271 ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18271.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18273","severity":"low","public_date":"2017-12-21T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1581489","bugzilla_description":"CVE-2017-18273 ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18273.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17887","severity":"low","public_date":"2017-12-20T00:00:00Z","advisories":[],"bugzilla":"1529511","bugzilla_description":"CVE-2017-17887 ImageMagick: memory leak in the function GetImagePixelCache","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17887.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17884","severity":"low","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1529382","bugzilla_description":"CVE-2017-17884 ImageMagick: memory leak in function WriteOnePNGImage in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17884.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18022","severity":"low","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1533612","bugzilla_description":"CVE-2017-18022 ImageMagick: Memory Leak in MontageImageCommand function in MagickWand/montage.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18022.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-17680","severity":"low","public_date":"2017-12-14T00:00:00Z","advisories":[],"bugzilla":"1526069","bugzilla_description":"CVE-2017-17680 ImageMagick: Memory leak in ReadXPMImage function in coders/xpm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17680.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17681","severity":"low","public_date":"2017-12-14T00:00:00Z","advisories":[],"bugzilla":"1526073","bugzilla_description":"CVE-2017-17681 ImageMagick: Infinite loop in ReadPSDChannelZip function in coders/psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17681.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17682","severity":"low","public_date":"2017-12-14T00:00:00Z","advisories":[],"bugzilla":"1526077","bugzilla_description":"CVE-2017-17682 ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17682.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17881","severity":"low","public_date":"2017-11-24T00:00:00Z","advisories":[],"bugzilla":"1529353","bugzilla_description":"CVE-2017-17881 ImageMagick: memory leak vulnerability in the function ReadMATImage in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17881.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17882","severity":"low","public_date":"2017-11-24T00:00:00Z","advisories":[],"bugzilla":"1529369","bugzilla_description":"CVE-2017-17882 ImageMagick: Memory leak in function ReadXPMImage in coders/xpm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17882.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17883","severity":"low","public_date":"2017-11-24T00:00:00Z","advisories":[],"bugzilla":"1529374","bugzilla_description":"CVE-2017-17883 ImageMagick: memory leak in the function ReadPGXImage in coders/pgx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17883.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17885","severity":"low","public_date":"2017-11-24T00:00:00Z","advisories":[],"bugzilla":"1529387","bugzilla_description":"CVE-2017-17885 ImageMagick: memory leak in the function ReadPICTImage in coders/pict.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17885.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17886","severity":"low","public_date":"2017-11-22T00:00:00Z","advisories":[],"bugzilla":"1529503","bugzilla_description":"CVE-2017-17886 ImageMagick: memory leak in the function ReadPSDChannelZip in coders/psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17886.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17504","severity":"low","public_date":"2017-11-21T00:00:00Z","advisories":[],"bugzilla":"1524902","bugzilla_description":"CVE-2017-17504 ImageMagick: Heap-based buffer overflow in Magick_png_read_raw_profile","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17504.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-1000476","severity":"low","public_date":"2017-11-17T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1532845","bugzilla_description":"CVE-2017-1000476 ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000476.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17499","severity":"low","public_date":"2017-11-15T00:00:00Z","advisories":[],"bugzilla":"1524900","bugzilla_description":"CVE-2017-17499 ImageMagick: Use-after-free in Magick::Image::read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17499.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-16546","severity":"low","public_date":"2017-11-04T00:00:00Z","advisories":[],"bugzilla":"1513940","bugzilla_description":"CVE-2017-16546 ImageMagick: Invalid memory allocation in the ReadWPGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16546.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-16352","severity":"low","public_date":"2017-11-01T00:00:00Z","advisories":[],"bugzilla":"1512043","bugzilla_description":"CVE-2017-16352 ImageMagick, GraphicsMagick: Heap based buffer over-write in DescribeImage() function of the magick/describe.c or magick/image.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16352.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-16353","severity":"low","public_date":"2017-11-01T00:00:00Z","advisories":[],"bugzilla":"1512047","bugzilla_description":"CVE-2017-16353 ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16353.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-15281","severity":"low","public_date":"2017-10-09T00:00:00Z","advisories":[],"bugzilla":"1510427","bugzilla_description":"CVE-2017-15281 ImageMagick: Conditional statement depends on unitialized value","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15281.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18209","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1552312","bugzilla_description":"CVE-2017-18209 ImageMagick: NULL pointer dereference in GetOpenCLCachedFilesDirectory function in magick/opencl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18209.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18210","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1552316","bugzilla_description":"CVE-2017-18210 ImageMagick: NULL pointer dereference in BenchmarkOpenCLDevices in MagickCore/opencl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18210.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18211","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1552320","bugzilla_description":"CVE-2017-18211 ImageMagick: NULL pointer dereference in saveBinaryCLProgram in magick/opencl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18211.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18250","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1561738","bugzilla_description":"CVE-2017-18250 ImageMagick: NULL pointer dereference in LogOpenCLBuildFailure function in MagickCore/opencl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18250.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18251","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1561741","bugzilla_description":"CVE-2017-18251 ImageMagick: memory leak in ReadPCDImage function in coders/pcd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18251.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18252","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1561742","bugzilla_description":"CVE-2017-18252 ImageMagick: assertion failure in MogrifyImageList function in MagickWand/mogrify.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18252.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18253","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1561743","bugzilla_description":"CVE-2017-18253 ImageMagick: NULL pointer dereference LoadOpenCLDevices function in MagickCore/opencl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18253.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18254","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1561744","bugzilla_description":"CVE-2017-18254 ImageMagick: memory leak in WriteGIFImage function in coders/gif.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18254.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14739","severity":"low","public_date":"2017-09-25T00:00:00Z","advisories":[],"bugzilla":"1500240","bugzilla_description":"CVE-2017-14739 ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14739.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14989","severity":"low","public_date":"2017-09-25T00:00:00Z","advisories":[],"bugzilla":"1500348","bugzilla_description":"CVE-2017-14989 ImageMagick: Use-after-free in RendererFreetype","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14989.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18231","severity":"low","public_date":"2017-09-25T00:00:00Z","advisories":[],"bugzilla":"1558746","bugzilla_description":"CVE-2017-18231 GraphicsMagick: NULL pointer dereference in ReadEnhMetaFile function in coders/emf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18231.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14684","severity":"low","public_date":"2017-09-21T00:00:00Z","advisories":[],"bugzilla":"1500013","bugzilla_description":"CVE-2017-14684 ImageMagick: Memory leak in the function ReadVIPSImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14684.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14741","severity":"low","public_date":"2017-09-21T00:00:00Z","advisories":[],"bugzilla":"1500241","bugzilla_description":"CVE-2017-14741 ImageMagick: Infinite loop in the ReadCAPTIONImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14741.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14607","severity":"low","public_date":"2017-09-20T00:00:00Z","advisories":[],"bugzilla":"1496592","bugzilla_description":"CVE-2017-14607 ImageMagick: Out-of-bounds read in ReadTIFFImage in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14607.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14682","severity":"low","public_date":"2017-09-18T00:00:00Z","advisories":[],"bugzilla":"1500009","bugzilla_description":"CVE-2017-14682 ImageMagick: Heap buffer overflow in the GetNextToken function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14682.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14505","severity":"low","public_date":"2017-09-17T00:00:00Z","advisories":[],"bugzilla":"1494540","bugzilla_description":"CVE-2017-14505 ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14505.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15217","severity":"low","public_date":"2017-09-15T00:00:00Z","advisories":[],"bugzilla":"1500680","bugzilla_description":"CVE-2017-15217 ImageMagick: Memory leak in ReadSGIImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15217.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15218","severity":"low","public_date":"2017-09-15T00:00:00Z","advisories":[],"bugzilla":"1500682","bugzilla_description":"CVE-2017-15218 ImageMagick: Memory leak in ReadOneJNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15218.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15033","severity":"low","public_date":"2017-09-14T00:00:00Z","advisories":[],"bugzilla":"1500423","bugzilla_description":"CVE-2017-15033 ImageMagick: Memory leak in ReadYUVImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15033.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15032","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":[],"bugzilla":"1500422","bugzilla_description":"CVE-2017-15032 ImageMagick: Memory leak in ReadYCBCRImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15032.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14400","severity":"low","public_date":"2017-09-11T00:00:00Z","advisories":[],"bugzilla":"1491280","bugzilla_description":"CVE-2017-14400 ImageMagick: NULL pointer dereference in the GetVirtualPixels function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14400.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14324","severity":"low","public_date":"2017-09-08T00:00:00Z","advisories":[],"bugzilla":"1491276","bugzilla_description":"CVE-2017-14324 ImageMagick: Memory leak in the ReadMPCImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14324.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14325","severity":"low","public_date":"2017-09-08T00:00:00Z","advisories":[],"bugzilla":"1491345","bugzilla_description":"CVE-2017-14325 ImageMagick: Memory leak in the PersistPixelCache function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14325.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14326","severity":"low","public_date":"2017-09-08T00:00:00Z","advisories":[],"bugzilla":"1491347","bugzilla_description":"CVE-2017-14326 ImageMagick: Memory leak in the ReadMATImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14326.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14172","severity":"low","public_date":"2017-09-07T00:00:00Z","advisories":[],"bugzilla":"1489700","bugzilla_description":"CVE-2017-14172 ImageMagick: Lack of an EOF check in ReadPSImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14172.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14173","severity":"low","public_date":"2017-09-07T00:00:00Z","advisories":[],"bugzilla":"1489702","bugzilla_description":"CVE-2017-14173 ImageMagick: Integer overflow in the function ReadTXTImage()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14173.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14174","severity":"low","public_date":"2017-09-07T00:00:00Z","advisories":[],"bugzilla":"1489705","bugzilla_description":"CVE-2017-14174 ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14174.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14175","severity":"low","public_date":"2017-09-07T00:00:00Z","advisories":[],"bugzilla":"1489706","bugzilla_description":"CVE-2017-14175 ImageMagick: Lack of EOF check in the ReadXBMImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14175.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18028","severity":"low","public_date":"2017-09-07T00:00:00Z","advisories":[],"bugzilla":"1534736","bugzilla_description":"CVE-2017-18028 ImageMagick: memory exhaustion in the function ReadTIFFImage in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18028.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14224","severity":"low","public_date":"2017-09-06T00:00:00Z","advisories":[],"bugzilla":"1491251","bugzilla_description":"CVE-2017-14224 ImageMagick: Heap-based buffer overflow in the WritePCXImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14224.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18027","severity":"low","public_date":"2017-09-06T00:00:00Z","advisories":[],"bugzilla":"1534738","bugzilla_description":"CVE-2017-18027 ImageMagick: memory leak vulnerability in the function ReadMATImage in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18027.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14139","severity":"low","public_date":"2017-09-05T00:00:00Z","advisories":[],"bugzilla":"1488430","bugzilla_description":"CVE-2017-14139 ImageMagick, GraphicsMagick: Memory leak in WriteMSLImage function in coders/msl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14139.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14137","severity":"low","public_date":"2017-09-05T00:00:00Z","advisories":[],"bugzilla":"1488436","bugzilla_description":"CVE-2017-14137 ImageMagick: Excessive memory allocation in ReadWEBPImage function in coders/webp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14137.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14138","severity":"low","public_date":"2017-09-05T00:00:00Z","advisories":[],"bugzilla":"1488438","bugzilla_description":"CVE-2017-14138 ImageMagick: Memory leak in ReadWEBPImage function in coders/webp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14138.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14532","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1499672","bugzilla_description":"CVE-2017-14532 ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14532.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14624","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1499912","bugzilla_description":"CVE-2017-14624 ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14624.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14625","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1499915","bugzilla_description":"CVE-2017-14625 ImageMagick: NULL pointer dereference in the sixel_output_create function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14625.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14626","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1499917","bugzilla_description":"CVE-2017-14626 ImageMagick: NULL pointer dereference in the sixel_decode function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14626.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15015","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1500413","bugzilla_description":"CVE-2017-15015 ImageMagick: NULL pointer dereference in PDFDelegateMessage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15015.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15016","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1500414","bugzilla_description":"CVE-2017-15016 ImageMagick: NULL pointer dereference in ReadEnhMetaFile","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15016.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15017","severity":"low","public_date":"2017-09-03T00:00:00Z","advisories":[],"bugzilla":"1500415","bugzilla_description":"CVE-2017-15017 ImageMagick: NULL pointer dereference in ReadOneMNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15017.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14531","severity":"low","public_date":"2017-09-02T00:00:00Z","advisories":[],"bugzilla":"1499670","bugzilla_description":"CVE-2017-14531 ImageMagick: Memory exhaustion in the ReadSUNImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14531.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12875","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1487752","bugzilla_description":"CVE-2017-12875 ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12875.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12693","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1488445","bugzilla_description":"CVE-2017-12693 ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12693.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12692","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1488449","bugzilla_description":"CVE-2017-12692 ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12692.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12691","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1488450","bugzilla_description":"CVE-2017-12691 ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12691.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14248","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1491254","bugzilla_description":"CVE-2017-14248 ImageMagick: Heap-based buffer over-read in the SampleImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14248.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14060","severity":"low","public_date":"2017-08-31T00:00:00Z","advisories":[],"bugzilla":"1488979","bugzilla_description":"CVE-2017-14060 ImageMagick: NULL pointer dereference in ReadCUTImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14060.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14249","severity":"low","public_date":"2017-08-31T00:00:00Z","advisories":[],"bugzilla":"1491260","bugzilla_description":"CVE-2017-14249 ImageMagick: Division by zero in the GetPixelCacheTileSize function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14249.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13768","severity":"low","public_date":"2017-08-30T00:00:00Z","advisories":[],"bugzilla":"1487679","bugzilla_description":"CVE-2017-13768 ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13768.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13769","severity":"moderate","public_date":"2017-08-30T00:00:00Z","advisories":[],"bugzilla":"1487714","bugzilla_description":"CVE-2017-13769 ImageMagick: Improper input validation in WriteTHUMBNAILImage function in coders/thumbnail.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13769.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-13758","severity":"low","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1487763","bugzilla_description":"CVE-2017-13758 ImageMagick: Heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13758.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13066","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1484491","bugzilla_description":"CVE-2017-13066 ImageMagick, GraphicsMagick: Memory leak in CloneImage function in magick/image.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13066.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13131","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486770","bugzilla_description":"CVE-2017-13131 ImageMagick: Memory leak in ReadMIFFImage function in coders/miff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13131.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13132","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486776","bugzilla_description":"CVE-2017-13132 ImageMagick: Assertion failure WriteBlobStream function in MagickCore/blob.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13132.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13133","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486778","bugzilla_description":"CVE-2017-13133 ImageMagick: Improper input validadion in load_level function in coders/xcf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13133.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13134","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486779","bugzilla_description":"CVE-2017-13134 ImageMagick: heap-based buffer over-read in SFWScan function in coders/sfw.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13134.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13139","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486784","bugzilla_description":"CVE-2017-13139 ImageMagick: Out of bounds read in ReadOneMNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13139.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13140","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486792","bugzilla_description":"CVE-2017-13140 ImageMagick: Denial of service in ReadOnePNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13140.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13141","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486793","bugzilla_description":"CVE-2017-13141 ImageMagick: Memory leak in ReadOnePNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13141.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13142","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486795","bugzilla_description":"CVE-2017-13142 ImageMagick: Improper validation of short files in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13142.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13143","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486799","bugzilla_description":"CVE-2017-13143 ImageMagick: Initialized data use in ReadMATImage function in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13143.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13144","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486802","bugzilla_description":"CVE-2017-13144 ImageMagick: Improper size validation in ReadJPEGImage function in error/jpeg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13144.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13145","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486804","bugzilla_description":"CVE-2017-13145 ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13145.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13146","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1486806","bugzilla_description":"CVE-2017-13146 ImageMagick: Memory leak in the ReadMATImage function in coders/mat.c.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13146.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14528","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1499664","bugzilla_description":"CVE-2017-14528 ImageMagick: Use-after-free in the TIFFSetProfiles function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14528.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18029","severity":"low","public_date":"2017-08-22T00:00:00Z","advisories":[],"bugzilla":"1534732","bugzilla_description":"CVE-2017-18029 ImageMagick: memory leak in the function ReadMATImage in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18029.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12983","severity":"low","public_date":"2017-08-18T00:00:00Z","advisories":[],"bugzilla":"1487238","bugzilla_description":"CVE-2017-12983 ImageMagick: Heap-based buffer overflow in the ReadSFWImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12983.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13062","severity":"low","public_date":"2017-08-11T00:00:00Z","advisories":[],"bugzilla":"1487263","bugzilla_description":"CVE-2017-13062 ImageMagick: Memory leak in the formatIPTC function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13062.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12876","severity":"low","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1487115","bugzilla_description":"CVE-2017-12876 ImageMagick: Heap-based buffer overflow in enhance.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12876.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12877","severity":"low","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1487118","bugzilla_description":"CVE-2017-12877 ImageMagick: Use-after-free vulnerability in the DestroyImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12877.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13058","severity":"low","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1487258","bugzilla_description":"CVE-2017-13058 ImageMagick: Memory leak in the WritePCXImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13058.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13059","severity":"low","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1487260","bugzilla_description":"CVE-2017-13059 ImageMagick: Memory leak in the WriteOneJNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13059.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12805","severity":"low","public_date":"2017-08-10T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1708521","bugzilla_description":"CVE-2017-12805 ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12805.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-12666","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483068","bugzilla_description":"CVE-2017-12666 ImageMagick: Memory leak in WriteINLINEImage function in coders/inline.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12666.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12643","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483074","bugzilla_description":"CVE-2017-12643 ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\\png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12643.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12664","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483082","bugzilla_description":"CVE-2017-12664 ImageMagick: Memory leak in WritePALMImage function in coders/palm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12664.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12641","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483091","bugzilla_description":"CVE-2017-12641 ImageMagick: Memory leak in ReadOneJNGImage function in coders\\png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12641.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12665","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483102","bugzilla_description":"CVE-2017-12665 ImageMagick: Memory leak vulnerability in WritePICTImage function in coders/pict.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12665.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12640","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483103","bugzilla_description":"CVE-2017-12640 ImageMagick: Out-of-bounds read in ReadOneMNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12640.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12662","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483104","bugzilla_description":"CVE-2017-12662 ImageMagick: Memory leak in WritePDFImage function in coders/pdf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12662.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12663","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483107","bugzilla_description":"CVE-2017-12663 ImageMagick: Memory leak in WriteMAPImage function in coders/map.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12663.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12654","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483110","bugzilla_description":"CVE-2017-12654 ImageMagick: Memory leak in ReadPICTImage function in coders/pict.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12654.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12642","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483111","bugzilla_description":"CVE-2017-12642 ImageMagick: Memory leak in ReadMPCImage function in coders/mpc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12642.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12644","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483116","bugzilla_description":"CVE-2017-12644 ImageMagick: Memory leak in ReadDCMImage function in coders/dcm.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12644.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12806","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1708517","bugzilla_description":"CVE-2017-12806 ImageMagick: memory exhaustion in function format8BIM causing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12806.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-12587","severity":"low","public_date":"2017-08-06T00:00:00Z","advisories":[],"bugzilla":"1483574","bugzilla_description":"CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\\pwp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12587.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14341","severity":"low","public_date":"2017-08-06T00:00:00Z","advisories":[],"bugzilla":"1491262","bugzilla_description":"CVE-2017-14341 ImageMagick: Infinite loop in the ReadWPGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14341.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14342","severity":"low","public_date":"2017-08-05T00:00:00Z","advisories":[],"bugzilla":"1491263","bugzilla_description":"CVE-2017-14342 ImageMagick: Memory exhaustion in the ReadWPGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14342.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14343","severity":"low","public_date":"2017-08-05T00:00:00Z","advisories":[],"bugzilla":"1491267","bugzilla_description":"CVE-2017-14343 ImageMagick: Memory leak in the ReadXCFImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14343.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14533","severity":"low","public_date":"2017-08-05T00:00:00Z","advisories":[],"bugzilla":"1499674","bugzilla_description":"CVE-2017-14533 ImageMagick: Memory leak in the ReadMATImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14533.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12428","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482628","bugzilla_description":"CVE-2017-12428 ImageMagick: Memory leak in the function ReadWMFImage in coders/wmf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12428.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12431","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482647","bugzilla_description":"CVE-2017-12431 ImageMagick: User-after-free in ReadWMFImage in coders/wmf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12431.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12430","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482650","bugzilla_description":"CVE-2017-12430 GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12430.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12427","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482652","bugzilla_description":"CVE-2017-12427 GraphicsMagick, ImageMagick: Mermory leak in ProcessMSLScript coders/msl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12427.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12432","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482653","bugzilla_description":"CVE-2017-12432 ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12432.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12429","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1482654","bugzilla_description":"CVE-2017-12429 ImageMagick: Memory exhaustion in ReadMIFFImage in coders/miff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12429.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12433","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1483127","bugzilla_description":"CVE-2017-12433 ImageMagick: Memory leak in ReadPESImage function in coders/pes.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12433.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12434","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1483130","bugzilla_description":"CVE-2017-12434 ImageMagick: Missing NULL check in ReadMATImage function in coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12434.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12435","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1483131","bugzilla_description":"CVE-2017-12435 ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12435.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13060","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1487261","bugzilla_description":"CVE-2017-13060 ImageMagick: Memory leak in the ReadMATImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13060.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13061","severity":"low","public_date":"2017-08-04T00:00:00Z","advisories":[],"bugzilla":"1487262","bugzilla_description":"CVE-2017-13061 ImageMagick: Length-validation vulnerability was found in the function ReadPSDLayersInternal function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13061.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12418","severity":"low","public_date":"2017-08-03T00:00:00Z","advisories":[],"bugzilla":"1482625","bugzilla_description":"CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12418.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11750","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1477062","bugzilla_description":"CVE-2017-11750 ImageMagick: NULL pointer dereference in ReadOneJNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11750.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-11751","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1477063","bugzilla_description":"CVE-2017-11751 ImageMagick: Memory leak in WritePICONImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11751.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11755","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1477069","bugzilla_description":"CVE-2017-11755 ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11755.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11752","severity":"low","public_date":"2017-07-29T00:00:00Z","advisories":[],"bugzilla":"1477064","bugzilla_description":"CVE-2017-11752 ImageMagick: Memory leak in ReadMAGICKImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11752.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11753","severity":"low","public_date":"2017-07-29T00:00:00Z","advisories":[],"bugzilla":"1477066","bugzilla_description":"CVE-2017-11753 ImageMagick: heap-based buffer over-read in GetImageDepth function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11753.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11754","severity":"low","public_date":"2017-07-29T00:00:00Z","advisories":[],"bugzilla":"1477068","bugzilla_description":"CVE-2017-11754 ImageMagick: Memory leak in WritePICONImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11754.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11724","severity":"low","public_date":"2017-07-27T00:00:00Z","advisories":[],"bugzilla":"1477058","bugzilla_description":"CVE-2017-11724 ImageMagick: Memory leaks in ReadMATImage function involving the quantum_info and clone_info data structures","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11724.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11640","severity":"low","public_date":"2017-07-26T00:00:00Z","advisories":[],"bugzilla":"1475463","bugzilla_description":"CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11640.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11639","severity":"low","public_date":"2017-07-26T00:00:00Z","advisories":[],"bugzilla":"1475470","bugzilla_description":"CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11639.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11644","severity":"low","public_date":"2017-07-26T00:00:00Z","advisories":[],"bugzilla":"1475485","bugzilla_description":"CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11644.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12676","severity":"low","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1484874","bugzilla_description":"CVE-2017-12676 ImageMagick: Memory leak in the function ReadOneJNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12676.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12672","severity":"low","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1484875","bugzilla_description":"CVE-2017-12672 ImageMagick: Memory leak in the function ReadMATImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12672.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12671","severity":"low","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1484877","bugzilla_description":"CVE-2017-12671 ImageMagick: Invalid free in the function RelinquishMagickMemory","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12671.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12675","severity":"low","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1484880","bugzilla_description":"CVE-2017-12675 ImageMagick: Memory leak in the function ReadImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12675.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12673","severity":"low","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1484882","bugzilla_description":"CVE-2017-12673 ImageMagick: Memory leak in the function ReadOneMNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12673.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11478","severity":"low","public_date":"2017-07-24T00:00:00Z","advisories":[],"bugzilla":"1474363","bugzilla_description":"CVE-2017-11478 ImageMagick: Infinite loop in ReadOneDJVUImage function in coders/djvu.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11478.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11446","severity":"low","public_date":"2017-07-24T00:00:00Z","advisories":[],"bugzilla":"1474391","bugzilla_description":"CVE-2017-11446 ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11446.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12670","severity":"low","public_date":"2017-07-24T00:00:00Z","advisories":[],"bugzilla":"1484884","bugzilla_description":"CVE-2017-12670 ImageMagick: Assertion failure in the function DestroyImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12670.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12563","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1484867","bugzilla_description":"CVE-2017-12563 ImageMagick: Memory exhaustion in the function ReadPSDImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12563.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12564","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1484868","bugzilla_description":"CVE-2017-12564 ImageMagick: Memory leak in the function ReadMATImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12564.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12565","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1484869","bugzilla_description":"CVE-2017-12565 ImageMagick: Memory leak in the function ReadOneJNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12565.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12566","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1484870","bugzilla_description":"CVE-2017-12566 ImageMagick: Memory leak in the function ReadMVGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12566.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12674","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1484879","bugzilla_description":"CVE-2017-12674 ImageMagick: Resource exhaustion in the function ReadPDBImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12674.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13658","severity":"low","public_date":"2017-07-23T00:00:00Z","advisories":[],"bugzilla":"1487277","bugzilla_description":"CVE-2017-13658 ImageMagick: Missing NULL check in the ReadMATImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13658.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-10928","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473717","bugzilla_description":"CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10928.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11141","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473757","bugzilla_description":"CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\\mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11141.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11450","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473774","bugzilla_description":"CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11450.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11449","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473796","bugzilla_description":"CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of mpc images received from stdin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11449.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11447","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473798","bugzilla_description":"CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11447.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11448","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1473801","bugzilla_description":"CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11448.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-11523","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1474845","bugzilla_description":"CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11523.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11522","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1474851","bugzilla_description":"CVE-2017-11522 ImageMagick: Null-Pointer dereference in WriteOnePNGImage function in coders/png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11522.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15277","severity":"low","public_date":"2017-07-21T00:00:00Z","advisories":[],"bugzilla":"1510426","bugzilla_description":"CVE-2017-15277 ImageMagick: Unitialized palette in ReadGIFImage when processing a crafted GIF file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15277.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-11352","severity":"low","public_date":"2017-07-17T00:00:00Z","advisories":[],"bugzilla":"1471835","bugzilla_description":"CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11352.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2017-11360","severity":"low","public_date":"2017-07-17T00:00:00Z","advisories":[],"bugzilla":"1473847","bugzilla_description":"CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11360.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12669","severity":"low","public_date":"2017-07-17T00:00:00Z","advisories":[],"bugzilla":"1484872","bugzilla_description":"CVE-2017-12669 ImageMagick: Memory leak in the function WriteCALSImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12669.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12668","severity":"low","public_date":"2017-07-17T00:00:00Z","advisories":[],"bugzilla":"1484873","bugzilla_description":"CVE-2017-12668 ImageMagick: Memory leak in the function WritePCXImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12668.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11531","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474913","bugzilla_description":"CVE-2017-11531 ImageMagick: Memory leak in the WriteHISTOGRAMImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11531.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11532","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474914","bugzilla_description":"CVE-2017-11532 ImageMagick: Memory leak in the WriteMPCImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11532.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11533","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474916","bugzilla_description":"CVE-2017-11533 ImageMagick: Heap-buffer over-read in the WriteUILImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11533.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11534","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474918","bugzilla_description":"CVE-2017-11534 ImageMagick: Memory leak in the lite_font_map() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11534.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11535","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474919","bugzilla_description":"CVE-2017-11535 ImageMagick: Heap-based buffer over-read in the WritePSImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11535.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11536","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474920","bugzilla_description":"CVE-2017-11536 ImageMagick: Memory leak in the WriteJP2Image() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11536.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11537","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474921","bugzilla_description":"CVE-2017-11537 ImageMagick: Floating point exception in the WritePALMImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11537.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11538","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474922","bugzilla_description":"CVE-2017-11538 ImageMagick: Memory leak in the WriteOnePNGImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11538.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11539","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474923","bugzilla_description":"CVE-2017-11539 ImageMagick: Memory leak in the ReadOnePNGImage() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11539.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11540","severity":"low","public_date":"2017-07-16T00:00:00Z","advisories":[],"bugzilla":"1474924","bugzilla_description":"CVE-2017-11540 ImageMagick: Heap buffer over-read in the GetPixelIndex() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11540.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11170","severity":"low","public_date":"2017-07-13T00:00:00Z","advisories":[],"bugzilla":"1470669","bugzilla_description":"CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11170.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11188","severity":"low","public_date":"2017-07-12T00:00:00Z","advisories":[],"bugzilla":"1473824","bugzilla_description":"CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\\dpx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11188.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12667","severity":"low","public_date":"2017-07-09T00:00:00Z","advisories":[],"bugzilla":"1484881","bugzilla_description":"CVE-2017-12667 ImageMagick: Memory leak in the function ReadMATImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12667.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-10995","severity":"low","public_date":"2017-07-04T00:00:00Z","advisories":[],"bugzilla":"1471121","bugzilla_description":"CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10995.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12140","severity":"low","public_date":"2017-06-29T00:00:00Z","advisories":[],"bugzilla":"1477565","bugzilla_description":"CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12140.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11528","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474854","bugzilla_description":"CVE-2017-11528 ImageMagick: Memory leak in ReadDIBImage in dib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11528.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11527","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474858","bugzilla_description":"CVE-2017-11527 ImageMagick: Memory leak in the ReadDPXImage function in coders/dpx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11527.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11530","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474862","bugzilla_description":"CVE-2017-11530 ImageMagick: Memory exhaustion in ReadEPTImage in ept.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11530.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11529","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474863","bugzilla_description":"CVE-2017-11529 ImageMagick: Memory leak in ReadMATImage in mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11529.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11505","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474864","bugzilla_description":"CVE-2017-11505 ImageMagick: CPU exhaustion in ReadOneJNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11505.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11526","severity":"low","public_date":"2017-06-24T00:00:00Z","advisories":[],"bugzilla":"1474865","bugzilla_description":"CVE-2017-11526 ImageMagick: CPU exhaustion in ReadOneMNGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11526.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11525","severity":"low","public_date":"2017-06-23T00:00:00Z","advisories":[],"bugzilla":"1474855","bugzilla_description":"CVE-2017-11525 ImageMagick: Memory leak in ReadCINImage function in coders/cin.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11525.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11310","severity":"low","public_date":"2017-06-22T00:00:00Z","advisories":[],"bugzilla":"1471096","bugzilla_description":"CVE-2017-11310 ImageMagick: Memory leak in read_user_chunk_callback function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11310.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11524","severity":"low","public_date":"2017-06-04T00:00:00Z","advisories":[],"bugzilla":"1474912","bugzilla_description":"CVE-2017-11524 ImageMagick: Assertion failure in the WriteBlob function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11524.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9500","severity":"low","public_date":"2017-05-23T00:00:00Z","advisories":[],"bugzilla":"1461894","bugzilla_description":"CVE-2017-9500 ImageMagick: Assertion failure in ResetImageProfileIterator","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9500.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9098","severity":"moderate","public_date":"2017-05-18T00:00:00Z","advisories":[],"bugzilla":"1453124","bugzilla_description":"CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9098.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.1"},{"CVE":"CVE-2017-9141","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1455578","bugzilla_description":"CVE-2017-9141 ImageMagick: Missing checks in the ReadDDSImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9141.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9142","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1455581","bugzilla_description":"CVE-2017-9142 ImageMagick: Missing checks in the ReadOneJNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9142.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9143","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1455583","bugzilla_description":"CVE-2017-9143 ImageMagick: Memory leak in the REadARTImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9143.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9144","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1455584","bugzilla_description":"CVE-2017-9144 ImageMagick: Incorrect EOF handling in coders/rle.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9144.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9499","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1461890","bugzilla_description":"CVE-2017-9499 ImageMagick: Assertion failure in SetPixelChannelAttributes","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9499.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9501","severity":"low","public_date":"2017-05-15T00:00:00Z","advisories":[],"bugzilla":"1461896","bugzilla_description":"CVE-2017-9501 ImageMagick: Assertion failure in LockSemaphoreInfo","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9501.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9261","severity":"low","public_date":"2017-05-06T00:00:00Z","advisories":[],"bugzilla":"1457318","bugzilla_description":"CVE-2017-9261 ImageMagick: Memory leak in the ReadMNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9261.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9262","severity":"low","public_date":"2017-05-06T00:00:00Z","advisories":[],"bugzilla":"1457320","bugzilla_description":"CVE-2017-9262 ImageMagick: Memory leak in the ReadJNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9262.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11166","severity":"low","public_date":"2017-05-04T00:00:00Z","advisories":["RHSA-2020:1180"],"bugzilla":"1772643","bugzilla_description":"CVE-2017-11166 ImageMagick: memory leak vulnerability in ReadXWDImage function in coders/xwd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["ImageMagick-0:6.9.10.68-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11166.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-8765","severity":"low","public_date":"2017-05-03T00:00:00Z","advisories":[],"bugzilla":"1449270","bugzilla_description":"CVE-2017-8765 ImageMagick: Memory leak in the ReadICONImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8765.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8830","severity":"low","public_date":"2017-05-03T00:00:00Z","advisories":[],"bugzilla":"1449271","bugzilla_description":"CVE-2017-8830 ImageMagick: Memory leak in the ReadBMPImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8830.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9405","severity":"low","public_date":"2017-04-28T00:00:00Z","advisories":[],"bugzilla":"1458812","bugzilla_description":"CVE-2017-9405 ImageMagick: Memory leak in the ReadICONImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9405.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9407","severity":"low","public_date":"2017-04-28T00:00:00Z","advisories":[],"bugzilla":"1458813","bugzilla_description":"CVE-2017-9407 ImageMagick: Memory leak in the ReadPALMImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9407.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9409","severity":"low","public_date":"2017-04-28T00:00:00Z","advisories":[],"bugzilla":"1458814","bugzilla_description":"CVE-2017-9409 ImageMagick: Memory leak in the ReadMPCImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9409.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9439","severity":"low","public_date":"2017-04-28T00:00:00Z","advisories":[],"bugzilla":"1461768","bugzilla_description":"CVE-2017-9439 ImageMagick: Memory leak in the ReadPDBImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9439.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9440","severity":"low","public_date":"2017-04-28T00:00:00Z","advisories":[],"bugzilla":"1461772","bugzilla_description":"CVE-2017-9440 ImageMagick: Memory leak in the ReadPSDChannel function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9440.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8343","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449239","bugzilla_description":"CVE-2017-8343 ImageMagick: Memory leak in the ReadAAIImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8343.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8344","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449240","bugzilla_description":"CVE-2017-8344 ImageMagick: Memory leak in the ReadPCXImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8344.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8345","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449241","bugzilla_description":"CVE-2017-8345 ImageMagick: Memory leak in the ReadMNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8345.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8346","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449242","bugzilla_description":"CVE-2017-8346 ImageMagick: Memory leak in the ReadDCMImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8346.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8347","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449244","bugzilla_description":"CVE-2017-8347 ImageMagick: Memory leak in the ReadEXRImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8347.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8348","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449247","bugzilla_description":"CVE-2017-8348 ImageMagick: Memory leak in the ReadMATImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8348.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8349","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449248","bugzilla_description":"CVE-2017-8349 ImageMagick: Memory leak in the ReadSFWImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8349.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8350","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449250","bugzilla_description":"CVE-2017-8350 ImageMagick: Memory leak in the ReadJNGImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8350.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8351","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449251","bugzilla_description":"CVE-2017-8351 ImageMagick: Memory leak in the ReadPCDImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8351.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8352","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449253","bugzilla_description":"CVE-2017-8352 ImageMagick: Memory leak in the ReadXWDImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8352.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8353","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449254","bugzilla_description":"CVE-2017-8353 ImageMagick: Memory leak in the ReadPICTImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8353.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8354","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449261","bugzilla_description":"CVE-2017-8354 ImageMagick: Memory leak in the ReadBMPImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8354.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8355","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449262","bugzilla_description":"CVE-2017-8355 ImageMagick: Memory leak in the ReadMTVImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8355.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8356","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449263","bugzilla_description":"CVE-2017-8356 ImageMagick: Memory leak in the ReadSUNImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8356.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-8357","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1449264","bugzilla_description":"CVE-2017-8357 ImageMagick: Memory leak in the ReadEPTImage function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8357.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7941","severity":"low","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1445676","bugzilla_description":"CVE-2017-7941 ImageMagick: Memory leak in ReadSGIImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7941.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7942","severity":"low","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1445677","bugzilla_description":"CVE-2017-7942 ImageMagick: Memory leak in ReadAVSImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7942.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7943","severity":"low","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1445679","bugzilla_description":"CVE-2017-7943 ImageMagick: Memory leak in ReadSVGImage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7943.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7606","severity":"low","public_date":"2017-03-31T00:00:00Z","advisories":[],"bugzilla":"1441586","bugzilla_description":"CVE-2017-7606 ImageMagick: Char outside of range in coders/rle.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7606.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7275","severity":"moderate","public_date":"2017-03-27T00:00:00Z","advisories":[],"bugzilla":"1437934","bugzilla_description":"CVE-2017-7275 ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7275.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10252","severity":"low","public_date":"2017-03-07T00:00:00Z","advisories":[],"bugzilla":"1433275","bugzilla_description":"CVE-2016-10252 ImageMagick: Memory leak in isOptionMember function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10252.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7619","severity":"low","public_date":"2017-03-02T00:00:00Z","advisories":[],"bugzilla":"1441211","bugzilla_description":"CVE-2017-7619 ImageMagick: Infinite loop due to a floating-point rounding error in some of the color algorithms","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7619.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6335","severity":"low","public_date":"2017-02-23T00:00:00Z","advisories":[],"bugzilla":"1427975","bugzilla_description":"CVE-2017-6335 ImageMagick: Heap out-of-bounds read in tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6335.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6502","severity":"low","public_date":"2017-02-18T00:00:00Z","advisories":[],"bugzilla":"1429557","bugzilla_description":"CVE-2017-6502 ImageMagick: File descriptor leak in libmagickcore","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6502.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6497","severity":"low","public_date":"2017-02-11T00:00:00Z","advisories":[],"bugzilla":"1429548","bugzilla_description":"CVE-2017-6497 ImageMagick: NULL pointer dereference in psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6497.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6501","severity":"low","public_date":"2017-02-10T00:00:00Z","advisories":[],"bugzilla":"1429555","bugzilla_description":"CVE-2017-6501 ImageMagick: NULL pointer dereference in xcf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6501.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6499","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1429552","bugzilla_description":"CVE-2017-6499 ImageMagick: Memory leak in Magick++","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6499.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6500","severity":"low","public_date":"2017-02-08T00:00:00Z","advisories":[],"bugzilla":"1429554","bugzilla_description":"CVE-2017-6500 ImageMagick: Heap-buffer overflow in sun.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6500.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6498","severity":"low","public_date":"2017-01-20T00:00:00Z","advisories":[],"bugzilla":"1429549","bugzilla_description":"CVE-2017-6498 ImageMagick: Assertion failures in tga.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6498.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5506","severity":"moderate","public_date":"2017-01-12T00:00:00Z","advisories":[],"bugzilla":"1414442","bugzilla_description":"CVE-2017-5506 ImageMagick: Double-free memory corruption in profile.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5506.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5507","severity":"moderate","public_date":"2017-01-11T00:00:00Z","advisories":[],"bugzilla":"1414444","bugzilla_description":"CVE-2017-5507 ImageMagick: Memory leak in mpc file handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5507.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5509","severity":"moderate","public_date":"2017-01-10T00:00:00Z","advisories":[],"bugzilla":"1414448","bugzilla_description":"CVE-2017-5509 ImageMagick: Out-of-bounds write flaw in psd file handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5509.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5510","severity":"moderate","public_date":"2017-01-07T00:00:00Z","advisories":[],"bugzilla":"1414449","bugzilla_description":"CVE-2017-5510 ImageMagick: Out-of-bounds write flaw in psd file handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5510.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5511","severity":"moderate","public_date":"2017-01-07T00:00:00Z","advisories":[],"bugzilla":"1414452","bugzilla_description":"CVE-2017-5511 ImageMagick: Memory corruption heap overflow in psd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5511.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5508","severity":"moderate","public_date":"2017-01-05T00:00:00Z","advisories":[],"bugzilla":"1414445","bugzilla_description":"CVE-2017-5508 ImageMagick: Heap-buffer-overflow in PushQuantumPixel","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5508.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-10144","severity":"low","public_date":"2016-12-24T00:00:00Z","advisories":[],"bugzilla":"1414437","bugzilla_description":"CVE-2016-10144 ImageMagick: ipl file missing malloc check","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10144.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10145","severity":"low","public_date":"2016-12-24T00:00:00Z","advisories":[],"bugzilla":"1414440","bugzilla_description":"CVE-2016-10145 ImageMagick: Off-by-one error in wpg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10145.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10146","severity":"moderate","public_date":"2016-12-11T00:00:00Z","advisories":[],"bugzilla":"1414446","bugzilla_description":"CVE-2016-10146 ImageMagick: Memory leak in caption and label handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10146.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-8707","severity":"moderate","public_date":"2016-12-03T00:00:00Z","advisories":[],"bugzilla":"1408375","bugzilla_description":"CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8707.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.9"},{"CVE":"CVE-2016-9773","severity":"low","public_date":"2016-12-01T00:00:00Z","advisories":[],"bugzilla":"1401440","bugzilla_description":"CVE-2016-9773 ImageMagick: Heap-buffer overflow in IsPixelGray in pixel-accessor.h (Incomplete fix for CVE-2016-9556)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9773.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9559","severity":"low","public_date":"2016-11-19T00:00:00Z","advisories":[],"bugzilla":"1398189","bugzilla_description":"CVE-2016-9559 ImageMagick: Null pointer dereference in tiff.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9559.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9556","severity":"low","public_date":"2016-11-19T00:00:00Z","advisories":[],"bugzilla":"1398198","bugzilla_description":"CVE-2016-9556 ImageMagick: Heap-buffer overflow in IsPixelGray in pixel-accessor.h","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9556.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10068","severity":"low","public_date":"2016-11-02T00:00:00Z","advisories":[],"bugzilla":"1410500","bugzilla_description":"CVE-2016-10068 ImageMagick: Segmentation fault in MSL interpreter","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10068.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9298","severity":"moderate","public_date":"2016-10-31T00:00:00Z","advisories":[],"bugzilla":"1395251","bugzilla_description":"CVE-2016-9298 ImageMagick: Heap buffer overflow in WaveletDenoiseImage()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9298.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-8866","severity":"moderate","public_date":"2016-10-20T00:00:00Z","advisories":[],"bugzilla":"1388816","bugzilla_description":"CVE-2016-8866 ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8862)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8866.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10058","severity":"low","public_date":"2016-10-19T00:00:00Z","advisories":[],"bugzilla":"1410467","bugzilla_description":"CVE-2016-10058 ImageMagick: Memory leak in psd file handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10058.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-8678","severity":"moderate","public_date":"2016-10-07T00:00:00Z","advisories":[],"bugzilla":"1385694","bugzilla_description":"CVE-2016-8678 ImageMagick: Heap-buffer overflow in IsPixelMonochrome","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8678.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-8862","severity":"moderate","public_date":"2016-10-07T00:00:00Z","advisories":[],"bugzilla":"1387135","bugzilla_description":"CVE-2016-8862 ImageMagick: Memory allocation failure in AcquireMagickMemory","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8862.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-7799","severity":"moderate","public_date":"2016-09-30T00:00:00Z","advisories":[],"bugzilla":"1381138","bugzilla_description":"CVE-2016-7799 ImageMagick: Mogrify buffer over-read in profile.c","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7799.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2016-7906","severity":"moderate","public_date":"2016-09-30T00:00:00Z","advisories":[],"bugzilla":"1381141","bugzilla_description":"CVE-2016-7906 ImageMagick: Mogrify heap-use-after-free in attribute.c","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7906.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2016-7101","severity":"low","public_date":"2016-09-26T00:00:00Z","advisories":[],"bugzilla":"1379584","bugzilla_description":"CVE-2016-7101 ImageMagick: Out-of-bounds read vulnerability in SGI Coder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7101.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-6823","severity":"moderate","public_date":"2016-09-26T00:00:00Z","advisories":[],"bugzilla":"1379587","bugzilla_description":"CVE-2016-6823 ImageMagick: Integer overflow within BMP encoder/writer","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6823.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-8677","severity":"moderate","public_date":"2016-09-16T00:00:00Z","advisories":[],"bugzilla":"1385698","bugzilla_description":"CVE-2016-8677 ImageMagick: Memory allocation failure in AcquireQuantumPixels","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8677.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10053","severity":"low","public_date":"2016-08-24T00:00:00Z","advisories":[],"bugzilla":"1410461","bugzilla_description":"CVE-2016-10053 ImageMagick: TIFF divide by zero","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10053.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10054","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1410462","bugzilla_description":"CVE-2016-10054 ImageMagick: Buffer overflow in MAP coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10054.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10055","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1410464","bugzilla_description":"CVE-2016-10055 ImageMagick: Buffer overflow in PDB coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10055.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10056","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1410465","bugzilla_description":"CVE-2016-10056 ImageMagick: Buffer overflow in SIXEL coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10056.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10057","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1410466","bugzilla_description":"CVE-2016-10057 ImageMagick: Buffer overflow in CALS coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10057.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10052","severity":"moderate","public_date":"2016-08-13T00:00:00Z","advisories":[],"bugzilla":"1410459","bugzilla_description":"CVE-2016-10052 ImageMagick: Out-of-bounds write in exif (jpeg) reader","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10052.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10051","severity":"moderate","public_date":"2016-08-05T00:00:00Z","advisories":[],"bugzilla":"1410456","bugzilla_description":"CVE-2016-10051 ImageMagick: Use after free when using identify or convert","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10051.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10046","severity":"moderate","public_date":"2016-08-04T00:00:00Z","advisories":[],"bugzilla":"1410448","bugzilla_description":"CVE-2016-10046 ImageMagick: Buffer overflow in draw.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10046.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-6520","severity":"low","public_date":"2016-08-01T00:00:00Z","advisories":[],"bugzilla":"1364357","bugzilla_description":"CVE-2016-6520 ImageMagick: out-of-bounds read in enhance.c","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6520.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-6491","severity":"low","public_date":"2016-07-28T00:00:00Z","advisories":[],"bugzilla":"1361492","bugzilla_description":"CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6491.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-5010","severity":"low","public_date":"2016-07-14T00:00:00Z","advisories":[],"bugzilla":"1354500","bugzilla_description":"CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5010.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-10063","severity":"moderate","public_date":"2016-07-06T00:00:00Z","advisories":[],"bugzilla":"1410476","bugzilla_description":"CVE-2016-10063 ImageMagick: Buffer overflow in tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10063.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10064","severity":"moderate","public_date":"2016-07-06T00:00:00Z","advisories":[],"bugzilla":"1410478","bugzilla_description":"CVE-2016-10064 ImageMagick: Buffer overflow in tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10064.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-5841","severity":"important","public_date":"2016-06-22T00:00:00Z","advisories":[],"bugzilla":"1350459","bugzilla_description":"CVE-2016-5841 ImageMagick: Integer overflow in MagickCore/profile.c","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2016-5842","severity":"low","public_date":"2016-06-22T00:00:00Z","advisories":[],"bugzilla":"1350461","bugzilla_description":"CVE-2016-5842 ImageMagick: Information leak in MagickCore/property.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5842.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.2"},{"CVE":"CVE-2016-7540","severity":"low","public_date":"2016-06-19T00:00:00Z","advisories":[],"bugzilla":"1378777","bugzilla_description":"CVE-2016-7540 ImageMagick: writing to rgf format aborts","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7540.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-5687","severity":"low","public_date":"2016-06-14T00:00:00Z","advisories":[],"bugzilla":"1348149","bugzilla_description":"CVE-2016-5687 ImageMagick: Out-of-bounds memory read in VerticalFilter()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5687.json"},{"CVE":"CVE-2016-5688","severity":"moderate","public_date":"2016-06-14T00:00:00Z","advisories":[],"bugzilla":"1348153","bugzilla_description":"CVE-2016-5688 ImageMagick: Heap overflow and random invalid memory writes in WPg parser","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5688.json"},{"CVE":"CVE-2016-5689","severity":"low","public_date":"2016-06-14T00:00:00Z","advisories":[],"bugzilla":"1348159","bugzilla_description":"CVE-2016-5689 ImageMagick: Lack of null pointer check in ReadDCMImage()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5689.json"},{"CVE":"CVE-2016-5690","severity":"low","public_date":"2016-06-14T00:00:00Z","advisories":[],"bugzilla":"1348168","bugzilla_description":"CVE-2016-5690 ImageMagick: Possible integer overflow when computing pixel scaling table in ReadDCMImage","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5690.json"},{"CVE":"CVE-2016-5691","severity":"moderate","public_date":"2016-06-14T00:00:00Z","advisories":[],"bugzilla":"1348172","bugzilla_description":"CVE-2016-5691 ImageMagick: Possible out-of-bounds write in ReadDCMImage()","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5691.json"},{"CVE":"CVE-2016-10050","severity":"moderate","public_date":"2016-06-05T00:00:00Z","advisories":[],"bugzilla":"1410454","bugzilla_description":"CVE-2016-10050 ImageMagick: Heap overflow when reading corrupt RLE files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10050.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-4562","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343446","bugzilla_description":"CVE-2016-4562 ImageMagick: Mishandled calculation of certain vertices integer data in DrawDashPolygon() function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4562.json"},{"CVE":"CVE-2016-4563","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343447","bugzilla_description":"CVE-2016-4563 ImageMagick: Mishandled relationship between the BezierQuantum value and certain strokes data in TraceStrokePolygon() function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4563.json"},{"CVE":"CVE-2016-4564","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343448","bugzilla_description":"CVE-2016-4564 ImageMagick: Incorrect function call in attempting to locate the next token in DrawImage() function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4564.json"},{"CVE":"CVE-2016-10060","severity":"low","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1410470","bugzilla_description":"CVE-2016-10060 ImageMagick: Write path does not check return of fputc in magick-cli.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10060.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10061","severity":"low","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1410471","bugzilla_description":"CVE-2016-10061 ImageMagick: Write path does not check return of fputc in tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10061.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10062","severity":"low","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1410473","bugzilla_description":"CVE-2016-10062 ImageMagick: Write path does not check return of fwrite","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10062.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10047","severity":"low","public_date":"2016-06-02T00:00:00Z","advisories":[],"bugzilla":"1410449","bugzilla_description":"CVE-2016-10047 ImageMagick: Memory leak in XML file transversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10047.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-10048","severity":"low","public_date":"2016-06-02T00:00:00Z","advisories":[],"bugzilla":"1410451","bugzilla_description":"CVE-2016-10048 ImageMagick: Arbitrary module loading due to not escaping relative path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10048.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-5118","severity":"important","public_date":"2016-05-29T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1340814","bugzilla_description":"CVE-2016-5118 ImageMagick: Remote code execution via filename","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5118.json"},{"CVE":"CVE-2016-10066","severity":"low","public_date":"2016-05-29T00:00:00Z","advisories":[],"bugzilla":"1410491","bugzilla_description":"CVE-2016-10066 ImageMagick: Buffer overflow due to too many exceptions in viff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10066.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10067","severity":"low","public_date":"2016-05-29T00:00:00Z","advisories":[],"bugzilla":"1410494","bugzilla_description":"CVE-2016-10067 ImageMagick: Buffer overflow due to too many exceptions in memory.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10067.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10069","severity":"low","public_date":"2016-05-29T00:00:00Z","advisories":[],"bugzilla":"1410507","bugzilla_description":"CVE-2016-10069 ImageMagick: Invalid number of frames not checked in mat files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10069.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10049","severity":"moderate","public_date":"2016-05-17T00:00:00Z","advisories":[],"bugzilla":"1410452","bugzilla_description":"CVE-2016-10049 ImageMagick: Buffer overflow when reading corrupt RLE files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10049.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-5239","severity":"moderate","public_date":"2016-05-08T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1334188","bugzilla_description":"CVE-2016-5239 ImageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-77","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5239.json"},{"CVE":"CVE-2016-10059","severity":"moderate","public_date":"2016-05-08T00:00:00Z","advisories":[],"bugzilla":"1410469","bugzilla_description":"CVE-2016-10059 ImageMagick: TIFF file buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10059.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-3714","severity":"important","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:0726"],"bugzilla":"1332492","bugzilla_description":"CVE-2016-3714 ImageMagick: Insufficient shell characters filtering","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["ImageMagick-0:6.7.8.9-13.el7_2","ImageMagick-0:6.7.2.7-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3714.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2016-3715","severity":"moderate","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:0726"],"bugzilla":"1332500","bugzilla_description":"CVE-2016-3715 ImageMagick: File deletion","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["ImageMagick-0:6.7.8.9-13.el7_2","ImageMagick-0:6.7.2.7-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3715.json"},{"CVE":"CVE-2016-3716","severity":"moderate","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:0726"],"bugzilla":"1332504","bugzilla_description":"CVE-2016-3716 ImageMagick: File moving","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["ImageMagick-0:6.7.8.9-13.el7_2","ImageMagick-0:6.7.2.7-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3716.json"},{"CVE":"CVE-2016-3717","severity":"important","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:0726"],"bugzilla":"1332505","bugzilla_description":"CVE-2016-3717 ImageMagick: Local file read","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:C/I:N/A:N","CWE":"CWE-20","affected_packages":["ImageMagick-0:6.7.8.9-13.el7_2","ImageMagick-0:6.7.2.7-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3717.json"},{"CVE":"CVE-2016-3718","severity":"low","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:0726"],"bugzilla":"1332802","bugzilla_description":"CVE-2016-3718 ImageMagick: SSRF vulnerability","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-352","affected_packages":["ImageMagick-0:6.7.8.9-13.el7_2","ImageMagick-0:6.7.2.7-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3718.json"},{"CVE":"CVE-2016-5240","severity":"low","public_date":"2016-05-01T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1333417","bugzilla_description":"CVE-2016-5240 ImageMagick: SVG converting issue resulting in DoS","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5240.json"},{"CVE":"CVE-2016-7538","severity":"moderate","public_date":"2016-03-11T00:00:00Z","advisories":[],"bugzilla":"1378775","bugzilla_description":"CVE-2016-7538 ImageMagick: SIGABRT for corrupted PSD file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7538.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7537","severity":"moderate","public_date":"2016-03-04T00:00:00Z","advisories":[],"bugzilla":"1378773","bugzilla_description":"CVE-2016-7537 ImageMagick: OOB read for corrupted pdb file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7537.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7536","severity":"moderate","public_date":"2016-02-14T00:00:00Z","advisories":[],"bugzilla":"1378772","bugzilla_description":"CVE-2016-7536 ImageMagick: SEGV reported in corrupted profile handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7536.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-10065","severity":"moderate","public_date":"2016-02-14T00:00:00Z","advisories":[],"bugzilla":"1410482","bugzilla_description":"CVE-2016-10065 ImageMagick: Out of bounds read in viff file handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10065.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10070","severity":"moderate","public_date":"2016-02-14T00:00:00Z","advisories":[],"bugzilla":"1410510","bugzilla_description":"CVE-2016-10070 ImageMagick: Out-of-bounds read in mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10070.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10071","severity":"moderate","public_date":"2016-02-14T00:00:00Z","advisories":[],"bugzilla":"1410513","bugzilla_description":"CVE-2016-10071 ImageMagick: Out-of-bounds read in mat.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10071.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-7535","severity":"moderate","public_date":"2016-02-12T00:00:00Z","advisories":[],"bugzilla":"1378768","bugzilla_description":"CVE-2016-7535 ImageMagick: out of bound access for corrupted psd file","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7535.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2016-7534","severity":"moderate","public_date":"2016-02-07T00:00:00Z","advisories":[],"bugzilla":"1378767","bugzilla_description":"CVE-2016-7534 ImageMagick: CbYCrY quantum heap-based OOB read/write","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7534.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7527","severity":"low","public_date":"2016-02-05T00:00:00Z","advisories":[],"bugzilla":"1378759","bugzilla_description":"CVE-2016-7527 ImageMagick: out-of-bounds read in MagickCore/memory.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7527.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7533","severity":"moderate","public_date":"2016-02-05T00:00:00Z","advisories":[],"bugzilla":"1378765","bugzilla_description":"CVE-2016-7533 ImageMagick: WPG file out-of-bounds write","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7533.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7526","severity":"moderate","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1378758","bugzilla_description":"CVE-2016-7526 ImageMagick: out-of-bounds write in ./MagickCore/pixel-accessor.h","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7526.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7529","severity":"low","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1378761","bugzilla_description":"CVE-2016-7529 ImageMagick: out of bound heap read in XCF file coder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7529.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7530","severity":"moderate","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1378762","bugzilla_description":"CVE-2016-7530 ImageMagick: out of bound in quantum handling","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7530.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2016-7531","severity":"moderate","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1378763","bugzilla_description":"CVE-2016-7531 ImageMagick: pbd file heap-based OOB write","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7531.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2016-7532","severity":"low","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1378764","bugzilla_description":"CVE-2016-7532 ImageMagick: Fix handling of corrupted psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7532.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7521","severity":"low","public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378748","bugzilla_description":"CVE-2016-7521 ImageMagick: heap buffer overflow in psd file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7521.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7522","severity":"low","public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378751","bugzilla_description":"CVE-2016-7522 ImageMagick: out of bound read for malformed psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7522.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7523","severity":"low","public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378754","bugzilla_description":"CVE-2016-7523 ImageMagick: OOB read in coders/meta.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7523.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7524","severity":null,"public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378756","bugzilla_description":"CVE-2016-7524 ImageMagick: heap-buffer-overflow in coders/meta.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7524.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7525","severity":"low","public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378757","bugzilla_description":"CVE-2016-7525 ImageMagick: heap buffer overflow in psd file coder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7525.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7528","severity":"moderate","public_date":"2016-01-24T00:00:00Z","advisories":[],"bugzilla":"1378760","bugzilla_description":"CVE-2016-7528 ImageMagick: out of bound access for viff file coder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7528.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2015-8898","severity":"low","public_date":"2016-01-17T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1344264","bugzilla_description":"CVE-2015-8898 ImageMagick: Prevent NULL pointer access in magick/constitute.c","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8898.json"},{"CVE":"CVE-2015-8897","severity":"low","public_date":"2016-01-17T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1344271","bugzilla_description":"CVE-2015-8897 ImageMagick: Crash due to out of bounds error in SpliceImage","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8897.json"},{"CVE":"CVE-2016-7514","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378739","bugzilla_description":"CVE-2016-7514 ImageMagick: out-of-bounds read in coders/psd.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7514.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7515","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378741","bugzilla_description":"CVE-2016-7515 ImageMagick: rle file handling OOB read","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7515.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-7516","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378743","bugzilla_description":"CVE-2016-7516 ImageMagick: out of bounds read problem in coders/viff.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7516.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7517","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378744","bugzilla_description":"CVE-2016-7517 ImageMagick: out-of-bounds read in coders/pict.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7517.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7518","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378745","bugzilla_description":"CVE-2016-7518 ImageMagick: out-of-bounds read in coders/sun.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7518.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7519","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378746","bugzilla_description":"CVE-2016-7519 ImageMagick: out-of-bounds read in coders/rle.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7519.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7520","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":[],"bugzilla":"1378747","bugzilla_description":"CVE-2016-7520 ImageMagick: heap-buffer-overflow read in coders/hdr.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7520.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2016-7539","severity":"low","public_date":"2016-01-07T00:00:00Z","advisories":[],"bugzilla":"1378776","bugzilla_description":"CVE-2016-7539 ImageMagick: potential DOS by not releasing memory","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7539.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2015-8895","severity":"moderate","public_date":"2015-05-28T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1269553","bugzilla_description":"CVE-2015-8895 ImageMagick: Integer and buffer overflow in coders/icon.c","cvss_score":5.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:N/I:P/A:P","CWE":"CWE-190","affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8895.json"},{"CVE":"CVE-2015-8896","severity":"moderate","public_date":"2015-04-26T00:00:00Z","advisories":["RHSA-2016:1237"],"bugzilla":"1269562","bugzilla_description":"CVE-2015-8896 ImageMagick: Integer truncation vulnerability in coders/pict.c","cvss_score":4.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.7.8.9-15.el7_2","ImageMagick-0:6.7.2.7-5.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8896.json"},{"CVE":"CVE-2015-8894","severity":"moderate","public_date":"2015-04-23T00:00:00Z","advisories":[],"bugzilla":"1347275","bugzilla_description":"CVE-2015-8894 ImageMagick: Double free flaw in tga.c","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-672","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8894.json"},{"CVE":"CVE-2015-8900","severity":"low","public_date":"2015-02-19T00:00:00Z","advisories":[],"bugzilla":"1195260","bugzilla_description":"CVE-2015-8900 ImageMagick: denial of service flaw in HDR file processing","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8900.json"},{"CVE":"CVE-2015-8901","severity":"low","public_date":"2015-02-19T00:00:00Z","advisories":[],"bugzilla":"1195265","bugzilla_description":"CVE-2015-8901 ImageMagick: denial of service flaw in MIFF file processing","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8901.json"},{"CVE":"CVE-2015-8902","severity":"low","public_date":"2015-02-19T00:00:00Z","advisories":[],"bugzilla":"1195269","bugzilla_description":"CVE-2015-8902 ImageMagick: denial of service flaw in PDB file processing","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8902.json"},{"CVE":"CVE-2015-8903","severity":"low","public_date":"2015-02-19T00:00:00Z","advisories":[],"bugzilla":"1195271","bugzilla_description":"CVE-2015-8903 ImageMagick: denial of service flaw in VICAR file processing","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8903.json"},{"CVE":"CVE-2015-8959","severity":"low","public_date":"2015-01-11T00:00:00Z","advisories":[],"bugzilla":"1378738","bugzilla_description":"CVE-2015-8959 ImageMagick: CPU usage DOS due to corrupted DDS files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8959.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2015-8958","severity":"low","public_date":"2015-01-09T00:00:00Z","advisories":[],"bugzilla":"1378736","bugzilla_description":"CVE-2015-8958 ImageMagick: OOB read and possible crash when processing malformed SUN files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8958.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2015-8957","severity":"low","public_date":"2015-01-05T00:00:00Z","advisories":[],"bugzilla":"1378735","bugzilla_description":"CVE-2015-8957 ImageMagick: OOB read and possible crash when handling malformed SUN files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8957.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2014-9907","severity":"moderate","public_date":"2014-12-29T00:00:00Z","advisories":[],"bugzilla":"1378734","bugzilla_description":"CVE-2014-9907 ImageMagick: DOS due to corrupted DDS files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-252","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9907.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2014-9804","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343459","bugzilla_description":"CVE-2014-9804 ImageMagick: infinite loop DoS in vision.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9804.json"},{"CVE":"CVE-2014-9805","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343460","bugzilla_description":"CVE-2014-9805 ImageMagick: crash on corrupted pnm file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9805.json"},{"CVE":"CVE-2014-9806","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343462","bugzilla_description":"CVE-2014-9806 ImageMagick: fd leak due to corrupted file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-203","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9806.json"},{"CVE":"CVE-2014-9807","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343463","bugzilla_description":"CVE-2014-9807 ImageMagick: double free in pdb coder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9807.json"},{"CVE":"CVE-2014-9808","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343464","bugzilla_description":"CVE-2014-9808 ImageMagick: crash on corrupted dpc image","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9808.json"},{"CVE":"CVE-2014-9809","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343465","bugzilla_description":"CVE-2014-9809 ImageMagick: crash on corrupted xwd image","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9809.json"},{"CVE":"CVE-2014-9810","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343466","bugzilla_description":"CVE-2014-9810 ImageMagick: crash in dpx file handler","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9810.json"},{"CVE":"CVE-2014-9811","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343467","bugzilla_description":"CVE-2014-9811 ImageMagick: crash in xwd file handler","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9811.json"},{"CVE":"CVE-2014-9812","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343468","bugzilla_description":"CVE-2014-9812 ImageMagick: NULL pointer dereference in ps file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9812.json"},{"CVE":"CVE-2014-9813","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343469","bugzilla_description":"CVE-2014-9813 ImageMagick: crash on corrupted viff file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9813.json"},{"CVE":"CVE-2014-9814","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343470","bugzilla_description":"CVE-2014-9814 ImageMagick: NULL pointer dereference in wpg file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9814.json"},{"CVE":"CVE-2014-9815","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343471","bugzilla_description":"CVE-2014-9815 ImageMagick: crash on corrupted wpg file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9815.json"},{"CVE":"CVE-2014-9816","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343472","bugzilla_description":"CVE-2014-9816 ImageMagick: out of bound access in viff image","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9816.json"},{"CVE":"CVE-2014-9817","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343473","bugzilla_description":"CVE-2014-9817 ImageMagick: heap buffer overflow in pdb file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9817.json"},{"CVE":"CVE-2014-9818","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343474","bugzilla_description":"CVE-2014-9818 ImageMagick: out of bound access on malformed sun file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9818.json"},{"CVE":"CVE-2014-9819","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343475","bugzilla_description":"CVE-2014-9819 ImageMagick: heap overflow in palm files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9819.json"},{"CVE":"CVE-2014-9820","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343476","bugzilla_description":"CVE-2014-9820 ImageMagick: heap overflow in xpm files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9820.json"},{"CVE":"CVE-2014-9821","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343477","bugzilla_description":"CVE-2014-9821 ImageMagick: heap overflow in pnm files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9821.json"},{"CVE":"CVE-2014-9822","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343478","bugzilla_description":"CVE-2014-9822 ImageMagick: heap overflow in quantum file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9822.json"},{"CVE":"CVE-2014-9823","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343479","bugzilla_description":"CVE-2014-9823 ImageMagick: heap overflow in palm file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9823.json"},{"CVE":"CVE-2014-9824","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343480","bugzilla_description":"CVE-2014-9824 ImageMagick: heap overflow in psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9824.json"},{"CVE":"CVE-2014-9825","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343481","bugzilla_description":"CVE-2014-9825 ImageMagick: heap overflow in corrupted psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9825.json"},{"CVE":"CVE-2014-9826","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343482","bugzilla_description":"CVE-2014-9826 ImageMagick: incorrect error handling in sun files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9826.json"},{"CVE":"CVE-2014-9827","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343483","bugzilla_description":"CVE-2014-9827 ImageMagick: handling of corrupted of xpm file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9827.json"},{"CVE":"CVE-2014-9828","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343484","bugzilla_description":"CVE-2014-9828 ImageMagick: corrupted (too many colors) psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9828.json"},{"CVE":"CVE-2014-9829","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343485","bugzilla_description":"CVE-2014-9829 ImageMagick: out of bound access in sun file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9829.json"},{"CVE":"CVE-2014-9830","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343486","bugzilla_description":"CVE-2014-9830 ImageMagick: handling of corrupted sun file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9830.json"},{"CVE":"CVE-2014-9831","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343487","bugzilla_description":"CVE-2014-9831 ImageMagick: handling of corrupted wpg file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9831.json"},{"CVE":"CVE-2014-9832","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343488","bugzilla_description":"CVE-2014-9832 ImageMagick: heap overflow in pcx file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9832.json"},{"CVE":"CVE-2014-9833","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343489","bugzilla_description":"CVE-2014-9833 ImageMagick: heap overflow in psd file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9833.json"},{"CVE":"CVE-2014-9834","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343490","bugzilla_description":"CVE-2014-9834 ImageMagick: heap overflow in pict file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9834.json"},{"CVE":"CVE-2014-9835","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343491","bugzilla_description":"CVE-2014-9835 ImageMagick: heap overflow in wpf file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9835.json"},{"CVE":"CVE-2014-9836","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343492","bugzilla_description":"CVE-2014-9836 ImageMagick: crash in xpm file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9836.json"},{"CVE":"CVE-2014-9837","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343493","bugzilla_description":"CVE-2014-9837 ImageMagick: additional PNM sanity checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9837.json"},{"CVE":"CVE-2014-9838","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343495","bugzilla_description":"CVE-2014-9838 ImageMagick: out of memory crash in magick/cache.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9838.json"},{"CVE":"CVE-2014-9839","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343496","bugzilla_description":"CVE-2014-9839 ImageMagick: theoretical out of bound access in magick/colormap-private.h","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9839.json"},{"CVE":"CVE-2014-9840","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343498","bugzilla_description":"CVE-2014-9840 ImageMagick: out of bound access in palm file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9840.json"},{"CVE":"CVE-2014-9841","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343499","bugzilla_description":"CVE-2014-9841 ImageMagick: throwing of exceptions in psd handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9841.json"},{"CVE":"CVE-2014-9842","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343500","bugzilla_description":"CVE-2014-9842 ImageMagick: memory leak in psd handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9842.json"},{"CVE":"CVE-2014-9843","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343501","bugzilla_description":"CVE-2014-9843 ImageMagick: incorrect boundary checks in DecodePSDPixels","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9843.json"},{"CVE":"CVE-2014-9844","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343502","bugzilla_description":"CVE-2014-9844 ImageMagick: out of bound issue in rle file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9844.json"},{"CVE":"CVE-2014-9845","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343503","bugzilla_description":"CVE-2014-9845 ImageMagick: crash due to corrupted dib file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9845.json"},{"CVE":"CVE-2014-9846","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343504","bugzilla_description":"CVE-2014-9846 ImageMagick: overflow in rle file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9846.json"},{"CVE":"CVE-2014-9847","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343506","bugzilla_description":"CVE-2014-9847 ImageMagick: incorrect handling of \"previous\" image in the JNG decoder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9847.json"},{"CVE":"CVE-2014-9848","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343507","bugzilla_description":"CVE-2014-9848 ImageMagick: memory leak in quantum management","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9848.json"},{"CVE":"CVE-2014-9849","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343509","bugzilla_description":"CVE-2014-9849 ImageMagick: crash in png coder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9849.json"},{"CVE":"CVE-2014-9850","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343510","bugzilla_description":"CVE-2014-9850 ImageMagick: incorrect thread limit logic","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9850.json"},{"CVE":"CVE-2014-9851","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343511","bugzilla_description":"CVE-2014-9851 ImageMagick: crash when parsing resource block","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9851.json"},{"CVE":"CVE-2014-9852","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343512","bugzilla_description":"CVE-2014-9852 ImageMagick: incorrect usage of object after it has been destroyed","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9852.json"},{"CVE":"CVE-2014-9853","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343513","bugzilla_description":"CVE-2014-9853 ImageMagick: memory leak in rle file handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9853.json"},{"CVE":"CVE-2014-9854","severity":"moderate","public_date":"2014-12-24T00:00:00Z","advisories":[],"bugzilla":"1343514","bugzilla_description":"CVE-2014-9854 ImageMagick: filling memory during identification of image","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9854.json"},{"CVE":"CVE-2016-7513","severity":"low","public_date":"2014-12-16T00:00:00Z","advisories":[],"bugzilla":"1378733","bugzilla_description":"CVE-2016-7513 ImageMagick: Off-by-one error in cache.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7513.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-8716","severity":"low","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1164248","bugzilla_description":"CVE-2014-8716 ImageMagick: out-of-bounds memory error in JPEG decoder","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8716.json"},{"CVE":"CVE-2014-9915","severity":"low","public_date":"2014-10-29T00:00:00Z","advisories":[],"bugzilla":"1410436","bugzilla_description":"CVE-2014-9915 ImageMagick: Off-by-one count when parsing an 8BIM profile","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9915.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-8354","severity":"low","public_date":"2014-10-27T00:00:00Z","advisories":[],"bugzilla":"1158518","bugzilla_description":"CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8354.json"},{"CVE":"CVE-2014-8355","severity":"low","public_date":"2014-10-27T00:00:00Z","advisories":[],"bugzilla":"1158523","bugzilla_description":"CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8355.json"},{"CVE":"CVE-2014-8562","severity":"low","public_date":"2014-10-27T00:00:00Z","advisories":[],"bugzilla":"1159362","bugzilla_description":"CVE-2014-8562 ImageMagick: out-of-bounds memory error in DCM decode","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8562.json"},{"CVE":"CVE-2014-1947","severity":"moderate","public_date":"2013-11-14T00:00:00Z","advisories":[],"bugzilla":"1064098","bugzilla_description":"CVE-2014-1947 ImageMagick: PSD writing layer name buffer overflow (\"L%02ld\")","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1947.json"},{"CVE":"CVE-2014-1958","severity":"moderate","public_date":"2013-11-14T00:00:00Z","advisories":[],"bugzilla":"1067276","bugzilla_description":"CVE-2014-1958 ImageMagick: buffer overflow flaw when handling PSD images that use RLE encoding","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1958.json"},{"CVE":"CVE-2014-2030","severity":"moderate","public_date":"2013-11-14T00:00:00Z","advisories":[],"bugzilla":"1083477","bugzilla_description":"CVE-2014-2030 ImageMagick: PSD writing layer name buffer overflow (\"L%06ld\")","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2030.json"},{"CVE":"CVE-2013-4298","severity":"important","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1004648","bugzilla_description":"CVE-2013-4298 ImageMagick: One-byte heap-based buffer overflow when decoding certain GIF images","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4298.json"},{"CVE":"CVE-2012-3437","severity":"low","public_date":"2012-07-27T00:00:00Z","advisories":[],"bugzilla":"844101","bugzilla_description":"CVE-2012-3437 ImageMagick: Magick_png_malloc() size argument","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3437.json"},{"CVE":"CVE-2012-0259","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:0544"],"bugzilla":"807993","bugzilla_description":"CVE-2012-0259 ImageMagick: Out-of heap-based buffer read by processing crafted JPEG EXIF header tag value","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.5.4.7-6.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0259.json"},{"CVE":"CVE-2012-0260","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:0544","RHSA-2012:0545"],"bugzilla":"807994","bugzilla_description":"CVE-2012-0260 ImageMagick: excessive CPU use DoS by processing JPEG images with crafted restart markers","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-15.el5_8","ImageMagick-0:6.5.4.7-6.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0260.json"},{"CVE":"CVE-2012-1798","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:0544"],"bugzilla":"807997","bugzilla_description":"CVE-2012-1798 ImageMagick: Out-of-bounds buffer read by copying image bytes for TIFF images with crafted TIFF EXIF IFD value","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.5.4.7-6.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1798.json"},{"CVE":"CVE-2012-1185","severity":"moderate","public_date":"2012-03-19T00:00:00Z","advisories":[],"bugzilla":"804588","bugzilla_description":"CVE-2012-1185: ImageMagick: Incorrect fix for CVE-2012-0247","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1185.json"},{"CVE":"CVE-2012-1186","severity":null,"public_date":"2012-03-19T00:00:00Z","advisories":[],"bugzilla":"804591","bugzilla_description":"CVE-2012-1186: ImageMagick: Incorrect fix for CVE-2012-0248","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1186.json"},{"CVE":"CVE-2012-0247","severity":"moderate","public_date":"2012-02-03T00:00:00Z","advisories":["RHSA-2012:0544","RHSA-2012:0545"],"bugzilla":"789443","bugzilla_description":"CVE-2012-0247 CVE-2012-0248 ImageMagick: invalid validation of images denial of service","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-15.el5_8","ImageMagick-0:6.5.4.7-6.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0247.json"},{"CVE":"CVE-2012-0248","severity":"moderate","public_date":"2012-02-03T00:00:00Z","advisories":["RHSA-2012:0544","RHSA-2012:0545"],"bugzilla":"789443","bugzilla_description":"CVE-2012-0247 CVE-2012-0248 ImageMagick: invalid validation of images denial of service","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-15.el5_8","ImageMagick-0:6.5.4.7-6.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0248.json"},{"CVE":"CVE-2010-4167","severity":"low","public_date":"2010-10-30T00:00:00Z","advisories":["RHSA-2012:0301","RHSA-2012:0544"],"bugzilla":"652860","bugzilla_description":"CVE-2010-4167 ImageMagick: configuration files read from $CWD may allow arbitrary code execution","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["ImageMagick-0:6.5.4.7-6.el6_2","ImageMagick-0:6.2.8.0-12.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4167.json"},{"CVE":"CVE-2009-1882","severity":"moderate","public_date":"2009-05-27T00:00:00Z","advisories":["RHSA-2010:0653","RHSA-2010:0652"],"bugzilla":"503017","bugzilla_description":"CVE-2009-1882 ImageMagick, GraphicsMagick: Integer overflow in the routine creating X11 images","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["ImageMagick-0:6.2.8.0-4.el5_5.2","ImageMagick-0:6.0.7.1-20.el4_8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1882.json"},{"CVE":"CVE-2007-4988","severity":"moderate","public_date":"2007-09-19T00:00:00Z","advisories":["RHSA-2008:0145"],"bugzilla":"310081","bugzilla_description":"CVE-2007-4988 Integer overflow in ImageMagick's DIB coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4988.json"},{"CVE":"CVE-2007-4985","severity":"low","public_date":"2007-09-19T00:00:00Z","advisories":["RHSA-2008:0145","RHSA-2008:0165"],"bugzilla":"310091","bugzilla_description":"CVE-2007-4985 Infinite loops in ImageMagick's XCF and DCM coders","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.3.8-21","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4985.json"},{"CVE":"CVE-2007-4986","severity":"moderate","public_date":"2007-09-19T00:00:00Z","advisories":["RHSA-2008:0145","RHSA-2008:0165"],"bugzilla":"310121","bugzilla_description":"CVE-2007-4986 Multiple integer overflows in ImageMagick","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.3.8-21","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4986.json"},{"CVE":"CVE-2007-1797","severity":"moderate","public_date":"2007-03-31T00:00:00Z","advisories":["RHSA-2008:0145","RHSA-2008:0165"],"bugzilla":"235071","bugzilla_description":"CVE-2007-1797 Heap overflow in ImageMagick's DCM and XWD coders","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.3.8-21","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1797.json"},{"CVE":"CVE-2008-1097","severity":"moderate","public_date":"2007-03-11T00:00:00Z","advisories":["RHSA-2008:0145","RHSA-2008:0165"],"bugzilla":"285861","bugzilla_description":"CVE-2008-1097 Memory corruption in ImageMagick's PCX coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.3.8-21","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1097.json"},{"CVE":"CVE-2008-1096","severity":"moderate","public_date":"2007-03-11T00:00:00Z","advisories":["RHSA-2008:0145"],"bugzilla":"286411","bugzilla_description":"CVE-2008-1096 Out of bound write in ImageMagick's XCF coder","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.2.8.0-4.el5_1.1","ImageMagick-0:6.0.7.1-17.el4_6.1","ImageMagick-0:5.5.6-28"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1096.json"},{"CVE":"CVE-2006-5456","severity":"moderate","public_date":"2006-09-29T00:00:00Z","advisories":["RHSA-2007:0015"],"bugzilla":"210921","bugzilla_description":"CVE-2006-5456 Overflows in GraphicsMagick and ImageMagick's DCM and PALM handling routines","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.3.8-18","ImageMagick-0:5.5.6-24","ImageMagick-0:6.0.7.1-16.0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5456.json"},{"CVE":"CVE-2006-5868","severity":"moderate","public_date":"2006-09-29T00:00:00Z","advisories":["RHSA-2007:0015"],"bugzilla":"217560","bugzilla_description":"CVE-2006-5868 Insufficient boundary check in ImageMagick's SGIDecode()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.3.8-18","ImageMagick-0:5.5.6-24","ImageMagick-0:6.0.7.1-16.0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5868.json"},{"CVE":"CVE-2006-3743","severity":"moderate","public_date":"2006-08-22T00:00:00Z","advisories":["RHSA-2006:0633"],"bugzilla":"1618158","bugzilla_description":"CVE-2006-3743 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-20","ImageMagick-0:6.0.7.1-16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3743.json"},{"CVE":"CVE-2006-3744","severity":"moderate","public_date":"2006-08-22T00:00:00Z","advisories":["RHSA-2006:0633"],"bugzilla":"1618159","bugzilla_description":"CVE-2006-3744 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-20","ImageMagick-0:6.0.7.1-16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3744.json"},{"CVE":"CVE-2006-4144","severity":"moderate","public_date":"2006-08-14T00:00:00Z","advisories":["RHSA-2006:0633"],"bugzilla":"1618176","bugzilla_description":"CVE-2006-4144 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-20","ImageMagick-0:6.0.7.1-16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4144.json"},{"CVE":"CVE-2006-0082","severity":"moderate","public_date":"2006-01-04T00:00:00Z","advisories":["RHSA-2006:0178"],"bugzilla":"1617873","bugzilla_description":"CVE-2006-0082 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.0.7.1-14","ImageMagick-0:5.5.6-18"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0082.json"},{"CVE":"CVE-2006-2440","severity":"low","public_date":"2006-01-02T00:00:00Z","advisories":["RHSA-2007:0015"],"bugzilla":"1618102","bugzilla_description":"CVE-2006-2440 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.3.8-18","ImageMagick-0:5.5.6-24","ImageMagick-0:6.0.7.1-16.0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2440.json"},{"CVE":"CVE-2005-4601","severity":"moderate","public_date":"2005-12-29T00:00:00Z","advisories":["RHSA-2006:0178"],"bugzilla":"1617859","bugzilla_description":"CVE-2005-4601 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.0.7.1-14","ImageMagick-0:5.5.6-18"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4601.json"},{"CVE":"CVE-2005-1739","severity":"moderate","public_date":"2005-04-25T00:00:00Z","advisories":["RHSA-2005:480"],"bugzilla":"1617662","bugzilla_description":"CVE-2005-1739 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.0.7.1-12","ImageMagick-0:5.5.6-15"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1739.json"},{"CVE":"CVE-2005-1275","severity":"important","public_date":"2005-04-24T00:00:00Z","advisories":["RHSA-2005:413"],"bugzilla":"1617627","bugzilla_description":"CVE-2005-1275 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.0.7.1-11","ImageMagick-0:5.5.6-14"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1275.json"},{"CVE":"CVE-2005-0397","severity":"moderate","public_date":"2005-02-02T00:00:00Z","advisories":["RHSA-2005:320","RHSA-2005:070"],"bugzilla":"1617515","bugzilla_description":"CVE-2005-0397 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:6.0.7.1-10","ImageMagick-0:5.5.6-13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0397.json"},{"CVE":"CVE-2005-0005","severity":"moderate","public_date":"2005-01-17T00:00:00Z","advisories":["RHSA-2005:070","RHSA-2005:071"],"bugzilla":"1617431","bugzilla_description":"CVE-2005-0005 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-13","ImageMagick-0:6.0.7.1-6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0005.json"},{"CVE":"CVE-2004-0981","severity":null,"public_date":"2004-10-06T00:00:00Z","advisories":["RHSA-2004:636"],"bugzilla":"1617341","bugzilla_description":"CVE-2004-0981 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0981.json"},{"CVE":"CVE-2004-0827","severity":"important","public_date":"2004-08-24T00:00:00Z","advisories":["RHSA-2004:636","RHSA-2004:480","RHSA-2004:494"],"bugzilla":"1617306","bugzilla_description":"CVE-2004-0827 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-7","ImageMagick-0:5.5.6-6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0827.json"},{"CVE":"CVE-2005-0761","severity":"low","public_date":"2004-06-09T00:00:00Z","advisories":["RHSA-2005:070"],"bugzilla":"1617576","bugzilla_description":"CVE-2005-0761 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0761.json"},{"CVE":"CVE-2005-0762","severity":"moderate","public_date":"2004-06-09T00:00:00Z","advisories":["RHSA-2005:070"],"bugzilla":"1617577","bugzilla_description":"CVE-2005-0762 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0762.json"},{"CVE":"CVE-2005-0759","severity":"low","public_date":"2004-03-11T00:00:00Z","advisories":["RHSA-2005:070"],"bugzilla":"1617574","bugzilla_description":"CVE-2005-0759 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0759.json"},{"CVE":"CVE-2005-0760","severity":"low","public_date":"2004-03-11T00:00:00Z","advisories":["RHSA-2005:070"],"bugzilla":"1617575","bugzilla_description":"CVE-2005-0760 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["ImageMagick-0:5.5.6-13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0760.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/LibRaw_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/LibRaw_security_api_results.json new file mode 100644 index 0000000..157d038 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/LibRaw_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-24889","severity":"moderate","public_date":"2020-08-20T00:00:00Z","advisories":[],"bugzilla":"1882339","bugzilla_description":"CVE-2020-24889 libraw: buffer overflow vulnerability in LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24889.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2020-24890","severity":"moderate","public_date":"2020-08-20T00:00:00Z","advisories":[],"bugzilla":"1882344","bugzilla_description":"CVE-2020-24890 libraw: null pointer dereference in parse_tiff_ifd in src/metadata/tiff.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24890.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2020-15503","severity":"moderate","public_date":"2020-06-22T00:00:00Z","advisories":[],"bugzilla":"1853477","bugzilla_description":"CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15503.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15365","severity":"moderate","public_date":"2020-06-15T00:00:00Z","advisories":[],"bugzilla":"1852093","bugzilla_description":"CVE-2020-15365 LibRaw: out-of-bounds write in parse_exif function in metadata/exif_gps.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15365.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-20364","severity":"low","public_date":"2018-12-21T00:00:00Z","advisories":[],"bugzilla":"1663961","bugzilla_description":"CVE-2018-20364 libraw: NULL pointer dereference in LibRaw::copy_bayer resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20364.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-20365","severity":"moderate","public_date":"2018-12-21T00:00:00Z","advisories":[],"bugzilla":"1663964","bugzilla_description":"CVE-2018-20365 libraw: Heap-based buffer overflow in LibRaw::raw2image() resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20365.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-20363","severity":"low","public_date":"2018-12-19T00:00:00Z","advisories":[],"bugzilla":"1663960","bugzilla_description":"CVE-2018-20363 libraw: NULL pointer dereference in LibRaw::raw2image resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20363.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-20337","severity":"moderate","public_date":"2018-12-18T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:1766"],"bugzilla":"1661555","bugzilla_description":"CVE-2018-20337 LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["LibRaw-0:0.19.5-1.el8","redhat-coreos-43.82.202007300301.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20337.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5819","severity":"low","public_date":"2018-12-13T00:00:00Z","advisories":["RHBA-2019:2044"],"bugzilla":"1661604","bugzilla_description":"CVE-2018-5819 LibRaw: DoS in parse_sinar_ia function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["LibRaw-0:0.19.2-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5819.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5818","severity":"low","public_date":"2018-12-13T00:00:00Z","advisories":["RHBA-2019:2044"],"bugzilla":"1661608","bugzilla_description":"CVE-2018-5818 LibRaw: DoS in parse_rollei function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["LibRaw-0:0.19.2-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5818.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5817","severity":"low","public_date":"2018-12-13T00:00:00Z","advisories":[],"bugzilla":"1661612","bugzilla_description":"CVE-2018-5817 LibRaw: DoS in unpacked_load_raw function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5817.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5815","severity":"moderate","public_date":"2018-07-22T00:00:00Z","advisories":[],"bugzilla":"1610151","bugzilla_description":"CVE-2018-5815 LibRaw: Integer overflow in internal/dcraw_common.cpp:parse_qt() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5815.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-5816","severity":"moderate","public_date":"2018-07-22T00:00:00Z","advisories":[],"bugzilla":"1610156","bugzilla_description":"CVE-2018-5816 LibRaw: Integer overflow in internal/dcraw_common.cpp:identify() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5816.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-5813","severity":"low","public_date":"2018-07-19T00:00:00Z","advisories":[],"bugzilla":"1609954","bugzilla_description":"CVE-2018-5813 libRaw: infinite loop in the parse_minolta function in dcraw/dcraw.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5813.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5807","severity":"low","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1610469","bugzilla_description":"CVE-2018-5807 LibRaw: out-of-bounds read in samsung_load_raw in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5807.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2018-5810","severity":"moderate","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1610479","bugzilla_description":"CVE-2018-5810 libRaw: heap-based buffer overflow in rollei_load_raw in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5810.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-5811","severity":"moderate","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1610483","bugzilla_description":"CVE-2018-5811 LibRaw: out-of-bounds read in nikon_coolscan_load_raw in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5811.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2018-5812","severity":"moderate","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1610486","bugzilla_description":"CVE-2018-5812 libRaw: NULL pointer dereference in nikon_coolscan_load_raw in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5812.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5808","severity":"important","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1661518","bugzilla_description":"CVE-2018-5808 LibRaw: stack-based buffer overflow in find_green() leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5808.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-5809","severity":"important","public_date":"2018-05-30T00:00:00Z","advisories":[],"bugzilla":"1661520","bugzilla_description":"CVE-2018-5809 LibRaw: stack-based buffer overflow in LibRaw::parse_exif() and subsequently execute arbitrary code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5809.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10528","severity":"moderate","public_date":"2018-04-27T00:00:00Z","advisories":[],"bugzilla":"1574313","bugzilla_description":"CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10528.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-10529","severity":"low","public_date":"2018-04-27T00:00:00Z","advisories":[],"bugzilla":"1574325","bugzilla_description":"CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10529.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5804","severity":"low","public_date":"2018-03-14T00:00:00Z","advisories":[],"bugzilla":"1591879","bugzilla_description":"CVE-2018-5804 LibRaw: type confusion error in identify() function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5804.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5805","severity":"moderate","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:3065"],"bugzilla":"1591887","bugzilla_description":"CVE-2018-5805 LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["libkdcraw-0:4.10.5-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5805.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-5806","severity":"low","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:3065"],"bugzilla":"1591897","bugzilla_description":"CVE-2018-5806 LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["libkdcraw-0:4.10.5-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5806.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5800","severity":"low","public_date":"2018-01-30T00:00:00Z","advisories":["RHSA-2018:3065"],"bugzilla":"1553332","bugzilla_description":"CVE-2018-5800 LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["libkdcraw-0:4.10.5-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5800.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5801","severity":"low","public_date":"2018-01-30T00:00:00Z","advisories":["RHSA-2018:3065"],"bugzilla":"1553334","bugzilla_description":"CVE-2018-5801 LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["libkdcraw-0:4.10.5-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5801.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5802","severity":"low","public_date":"2018-01-30T00:00:00Z","advisories":["RHSA-2018:3065"],"bugzilla":"1553335","bugzilla_description":"CVE-2018-5802 LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["libkdcraw-0:4.10.5-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5802.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-16909","severity":"low","public_date":"2017-12-08T00:00:00Z","advisories":[],"bugzilla":"1524859","bugzilla_description":"CVE-2017-16909 libraw: Heap-buffer overflow in the LibRaw::panasonic_load_raw() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16909.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-16910","severity":"low","public_date":"2017-12-08T00:00:00Z","advisories":[],"bugzilla":"1524860","bugzilla_description":"CVE-2017-16910 libraw: Invalid read memory access in the LibRaw::xtrans_interpolate() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16910.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14348","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":[],"bugzilla":"1492121","bugzilla_description":"CVE-2017-14348 libraw: Heap-based 1 byte buffer over-write in processCanonCameraInfo function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14348.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14608","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":[],"bugzilla":"1499687","bugzilla_description":"CVE-2017-14608 libraw: Out-of-bounds read in the kodak_65000_load_raw function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14608.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14265","severity":"low","public_date":"2017-09-08T00:00:00Z","advisories":[],"bugzilla":"1494405","bugzilla_description":"CVE-2017-14265 libraw: Stack based buffer overflow in the xtrans_interpolate function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14265.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13735","severity":"low","public_date":"2017-08-22T00:00:00Z","advisories":[],"bugzilla":"1488476","bugzilla_description":"CVE-2017-13735 libraw: Floating point exception in kodak_radc_load_raw function in internal/dcraw_common.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13735.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6886","severity":"low","public_date":"2017-05-11T00:00:00Z","advisories":[],"bugzilla":"1451640","bugzilla_description":"CVE-2017-6886 libraw: Memory corruption in the parse_tiff_ifd()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6886.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6887","severity":"low","public_date":"2017-05-11T00:00:00Z","advisories":[],"bugzilla":"1451642","bugzilla_description":"CVE-2017-6887 libraw: Boundary error in the parse_tiff_ifd()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6887.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2015-8366","severity":"moderate","public_date":"2015-11-30T00:00:00Z","advisories":[],"bugzilla":"1287056","bugzilla_description":"CVE-2015-8366 LibRaw: Index overflow in smal_decode_segment","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8366.json"},{"CVE":"CVE-2015-8367","severity":"low","public_date":"2015-11-30T00:00:00Z","advisories":[],"bugzilla":"1287076","bugzilla_description":"CVE-2015-8367 LibRaw: Memory objects are not intialized properly","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8367.json"},{"CVE":"CVE-2015-3885","severity":"low","public_date":"2015-05-11T00:00:00Z","advisories":[],"bugzilla":"1221249","bugzilla_description":"CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-190->CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3885.json"},{"CVE":"CVE-2013-1438","severity":"low","public_date":"2013-08-28T00:00:00Z","advisories":[],"bugzilla":"1002714","bugzilla_description":"CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1438.json"},{"CVE":"CVE-2013-1439","severity":"low","public_date":"2013-08-28T00:00:00Z","advisories":[],"bugzilla":"1002714","bugzilla_description":"CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1439.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager-glib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager-glib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager-glib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ModemManager_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/MySQL-python_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/MySQL-python_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/MySQL-python_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-adsl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-adsl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-adsl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-bluetooth_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-bluetooth_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-bluetooth_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-config-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-config-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-config-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-glib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-glib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-glib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libnm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libnm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libnm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan-gnome_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan-gnome_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan-gnome_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-libreswan_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-ppp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-ppp_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-ppp_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-team_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-team_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-team_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-tui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-tui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-tui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wifi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wifi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wifi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wwan_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wwan_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager-wwan_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager_security_api_results.json new file mode 100644 index 0000000..5b58c39 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/NetworkManager_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-10754","severity":"moderate","public_date":"2020-05-29T04:41:00Z","advisories":["RHBA-2020:3180","RHSA-2020:4003","RHSA-2020:3011"],"bugzilla":"1841041","bugzilla_description":"CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287->CWE-306","affected_packages":["NetworkManager-1:1.18.8-1.el7","redhat-coreos-43.82.202007300301.0","NetworkManager-1:1.22.8-5.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10754.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-15688","severity":"important","public_date":"2018-10-26T00:00:00Z","advisories":["RHSA-2019:0049","RHSA-2018:3665"],"bugzilla":"1639067","bugzilla_description":"CVE-2018-15688 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131->CWE-190->CWE-122","affected_packages":["NetworkManager-1:1.12.0-8.el7_6","systemd-0:219-62.el7_6.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15688.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-1000135","severity":"moderate","public_date":"2018-03-20T00:00:00Z","advisories":[],"bugzilla":"1558238","bugzilla_description":"CVE-2018-1000135 NetworkManager: Information exposure in DNS resolver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000135.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2016-0764","severity":"low","public_date":"2016-04-02T00:00:00Z","advisories":["RHSA-2016:2581"],"bugzilla":"1324025","bugzilla_description":"CVE-2016-0764 NetworkManager: Race condition allowing info leak","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-362","affected_packages":["NetworkManager-1:1.4.0-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0764.json"},{"CVE":"CVE-2015-2924","severity":"low","public_date":"2015-04-02T00:00:00Z","advisories":["RHSA-2015:2315"],"bugzilla":"1209902","bugzilla_description":"CVE-2015-2924 NetworkManager: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-358","affected_packages":["NetworkManager-1:1.0.6-27.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2924.json"},{"CVE":"CVE-2015-0272","severity":"moderate","public_date":"2015-02-23T00:00:00Z","advisories":["RHSA-2015:2315"],"bugzilla":"1192132","bugzilla_description":"CVE-2015-0272 NetworkManager: remote DoS using IPv6 RA with bogus MTU","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["NetworkManager-1:1.0.6-27.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0272.json"},{"CVE":"CVE-2012-1096","severity":"low","public_date":"2012-02-29T00:00:00Z","advisories":[],"bugzilla":"769807","bugzilla_description":"CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1096.json"},{"CVE":"CVE-2012-2736","severity":"low","public_date":"2012-01-15T00:00:00Z","advisories":[],"bugzilla":"782627","bugzilla_description":"CVE-2012-2736 NetworkManager: creating new WPA-secured wireless network results in insecure network being created instead","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2736.json"},{"CVE":"CVE-2011-3364","severity":"important","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2011:1338"],"bugzilla":"737338","bugzilla_description":"CVE-2011-3364 NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["NetworkManager-1:0.8.1-9.el6_1.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3364.json"},{"CVE":"CVE-2011-2176","severity":"moderate","public_date":"2011-06-08T00:00:00Z","advisories":["RHSA-2011:0930"],"bugzilla":"709662","bugzilla_description":"CVE-2011-2176 NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["NetworkManager-1:0.8.1-9.el6_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2176.json"},{"CVE":"CVE-2009-4145","severity":"moderate","public_date":"2009-12-10T00:00:00Z","advisories":["RHSA-2010:0108"],"bugzilla":"546117","bugzilla_description":"CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["NetworkManager-1:0.7.0-9.el5_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4145.json"},{"CVE":"CVE-2009-4144","severity":"moderate","public_date":"2009-12-08T00:00:00Z","advisories":["RHSA-2010:0108"],"bugzilla":"546795","bugzilla_description":"CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["NetworkManager-1:0.7.0-9.el5_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4144.json"},{"CVE":"CVE-2009-0365","severity":"moderate","public_date":"2009-03-03T00:00:00Z","advisories":["RHSA-2009:0361","RHSA-2009:0362"],"bugzilla":"487722","bugzilla_description":"CVE-2009-0365 NetworkManager: GetSecrets disclosure","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["NetworkManager-0:0.3.1-5.el4","NetworkManager-1:0.7.0-4.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0365.json"},{"CVE":"CVE-2009-0578","severity":"moderate","public_date":"2009-03-03T00:00:00Z","advisories":["RHSA-2009:0361"],"bugzilla":"487752","bugzilla_description":"CVE-2009-0578 NetworkManager: local users can modify the connection settings","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["NetworkManager-1:0.7.0-4.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0578.json"},{"CVE":"CVE-2006-7246","severity":"moderate","public_date":"2006-05-10T00:00:00Z","advisories":[],"bugzilla":"756418","bugzilla_description":"CVE-2006-7246 NetworkManager, wpa_supplicant (WPA-Enterprise): Verify that the certificate is from trusted CA and matches the specified subject","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7246.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ORBit2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ORBit2_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ORBit2_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OVMF_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OVMF_security_api_results.json new file mode 100644 index 0000000..0db8c7b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OVMF_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-14584","severity":"moderate","public_date":"2020-10-16T00:00:00Z","advisories":[],"bugzilla":"1889486","bugzilla_description":"CVE-2019-14584 edk2: NULL pointer dereference in AuthenticodeVerify()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14584.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-1968","severity":"low","public_date":"2020-09-09T00:00:00Z","advisories":[],"bugzilla":"1877458","bugzilla_description":"CVE-2020-1968 openssl: Information exposure when DH secret are reused across multiple TLS connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1968.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2019-14560","severity":"moderate","public_date":"2020-07-01T00:00:00Z","advisories":[],"bugzilla":"1858038","bugzilla_description":"CVE-2019-14560 edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14560.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L","cvss3_score":"6.1"},{"CVE":"CVE-2019-14586","severity":"moderate","public_date":"2020-02-16T00:00:00Z","advisories":[],"bugzilla":"1833340","bugzilla_description":"CVE-2019-14586 edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.6"},{"CVE":"CVE-2019-14558","severity":"moderate","public_date":"2020-02-16T00:00:00Z","advisories":[],"bugzilla":"1833347","bugzilla_description":"CVE-2019-14558 edk2: potentially leaking of secret information due to uncleared memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-226","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2019-14587","severity":"moderate","public_date":"2020-02-16T00:00:00Z","advisories":[],"bugzilla":"1833352","bugzilla_description":"CVE-2019-14587 edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2019-14575","severity":"moderate","public_date":"2020-02-05T00:00:00Z","advisories":[],"bugzilla":"1736862","bugzilla_description":"CVE-2019-14575 edk2: DxeImageVerificationHandler() fails open in case of dbx signature check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-14559","severity":"moderate","public_date":"2020-02-05T00:00:00Z","advisories":[],"bugzilla":"1758601","bugzilla_description":"CVE-2019-14559 edk2: memory leak in ArpOnFrameRcvdDpc","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-14563","severity":"moderate","public_date":"2020-02-05T00:00:00Z","advisories":["RHSA-2020:1712"],"bugzilla":"1758620","bugzilla_description":"CVE-2019-14563 edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["edk2-0:20190829git37eef91017ad-9.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:L","cvss3_score":"6.4"},{"CVE":"CVE-2019-14553","severity":"moderate","public_date":"2019-09-25T00:00:00Z","advisories":[],"bugzilla":"1758518","bugzilla_description":"CVE-2019-14553 edk2: invalid server certificate accepted in HTTPS-over-IPv6 boot","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14553.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12183","severity":"moderate","public_date":"2019-03-29T00:00:00Z","advisories":[],"bugzilla":"1694077","bugzilla_description":"CVE-2018-12183 edk2: stack overflow in DxeCore leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121->CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12183.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2018-12182","severity":"moderate","public_date":"2019-03-28T00:00:00Z","advisories":[],"bugzilla":"1694081","bugzilla_description":"CVE-2018-12182 edk2: insufficient memory write in SMM service leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12182.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-12179","severity":"moderate","public_date":"2019-03-27T00:00:00Z","advisories":[],"bugzilla":"1694072","bugzilla_description":"CVE-2018-12179 edk2: improper configuration insystem firmware leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12179.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-12181","severity":"moderate","public_date":"2019-03-07T00:00:00Z","advisories":["RHSA-2019:3338","RHSA-2019:2125"],"bugzilla":"1686783","bugzilla_description":"CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["edk2-0:20190308git89910a39dcfd-6.el8","ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-1543","severity":"low","public_date":"2019-03-06T00:00:00Z","advisories":["RHSA-2019:3700","RHBA-2019:3303"],"bugzilla":"1695954","bugzilla_description":"CVE-2019-1543 openssl: ChaCha20-Poly1305 with long nonces","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["openssl-1:1.1.1c-2.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1543.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2018-12178","severity":"important","public_date":"2019-02-26T00:00:00Z","advisories":[],"bugzilla":"1683326","bugzilla_description":"CVE-2018-12178 edk2: improper DNS packet size check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12178.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L","cvss3_score":"7.2"},{"CVE":"CVE-2018-12180","severity":"important","public_date":"2019-02-26T00:00:00Z","advisories":["RHSA-2019:0809","RHSA-2019:1116","RHSA-2019:0968"],"bugzilla":"1683372","bugzilla_description":"CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-787","affected_packages":["ovmf-0:20180508-3.gitee3198e672e2.el7_6.1","redhat-virtualization-host-0:4.3-20190418.0.el7_6","edk2-0:20180508gitee3198e672e2-9.el8_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12180.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"8.3"},{"CVE":"CVE-2019-1559","severity":"moderate","public_date":"2019-02-26T00:00:00Z","advisories":["RHSA-2019:3931","RHSA-2019:2304","RHSA-2019:2439","RHSA-2019:3929","RHSA-2019:2437","RHSA-2019:2471"],"bugzilla":"1683804","bugzilla_description":"CVE-2019-1559 openssl: 0-byte record padding oracle","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-325","affected_packages":["openssl-0:1.0.1e-58.el6_10","rhvm-appliance-0:4.3-20190722.0.el7","redhat-virtualization-host-0:4.3.5-20190722.0.el7_7","openssl-1:1.0.2k-19.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1559.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2019-0160","severity":"moderate","public_date":"2019-02-26T00:00:00Z","advisories":["RHSA-2019:3338","RHSA-2019:2125"],"bugzilla":"1691640","bugzilla_description":"CVE-2019-0160 edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-121)","affected_packages":["edk2-0:20190308git89910a39dcfd-6.el8","ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2018-3630","severity":"moderate","public_date":"2019-01-26T00:00:00Z","advisories":[],"bugzilla":"1683653","bugzilla_description":"CVE-2018-3630 ovmf: Logic error in FV parsing in MdeModulePkg\\Core\\Pei\\FwVol\\FwVol.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3630.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.6"},{"CVE":"CVE-2018-5407","severity":"moderate","public_date":"2018-10-30T00:00:00Z","advisories":["RHSA-2019:3931","RHSA-2019:3932","RHSA-2019:0483","RHSA-2019:2125","RHSA-2019:3929","RHSA-2019:3933","RHSA-2019:3935"],"bugzilla":"1645695","bugzilla_description":"CVE-2018-5407 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["openssl-1:1.0.2k-16.el7_6.1","ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2018-0735","severity":"low","public_date":"2018-10-25T00:00:00Z","advisories":["RHSA-2019:3700","RHBA-2019:3303"],"bugzilla":"1644356","bugzilla_description":"CVE-2018-0735 openssl: timing side channel attack in the ECDSA signature generation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["openssl-1:1.1.1c-2.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0735.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.1"},{"CVE":"CVE-2018-3613","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641433","bugzilla_description":"CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3613.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5731","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641442","bugzilla_description":"CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5731.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5732","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641446","bugzilla_description":"CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5732.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5733","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641450","bugzilla_description":"CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5733.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5734","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641458","bugzilla_description":"CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5734.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5735","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:2125"],"bugzilla":"1641465","bugzilla_description":"CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5735.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2018-0734","severity":"low","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:3700","RHSA-2019:3932","RHSA-2019:2304","RHSA-2019:3933","RHSA-2019:3935","RHBA-2019:3303"],"bugzilla":"1644364","bugzilla_description":"CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["openssl-1:1.1.1c-2.el8","redhat-coreos-42.81.20191107.0","openssl-1:1.0.2k-19.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0734.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.1"},{"CVE":"CVE-2018-0495","severity":"moderate","public_date":"2018-06-13T00:00:00Z","advisories":["RHSA-2019:1297","RHSA-2020:1345","RHSA-2020:1267","RHSA-2019:1296","RHSA-2019:2237","RHSA-2019:1543","RHSA-2020:1461","RHSA-2018:3221"],"bugzilla":"1591163","bugzilla_description":"CVE-2018-0495 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["openssl-1:1.0.2k-16.el7","nss-softokn-0:3.36.0-6.el7_5","nss-softokn-0:3.36.0-6.el7_6","nss-softokn-0:3.28.3-9.el7_4","nss-0:3.44.0-4.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0495.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.1"},{"CVE":"CVE-2018-0732","severity":"moderate","public_date":"2018-06-12T00:00:00Z","advisories":["RHSA-2019:1297","RHSA-2019:1296","RHSA-2019:1543","RHSA-2018:2553","RHSA-2018:2552","RHSA-2018:3221"],"bugzilla":"1591100","bugzilla_description":"CVE-2018-0732 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-325","affected_packages":["openssl-1:1.0.2k-16.el7","rhoar-nodejs-1:8.11.4-2.el7","rhoar-nodejs-1:10.9.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0732.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-0161","severity":"moderate","public_date":"2018-06-05T00:00:00Z","advisories":["RHSA-2019:2125","RHSA-2019:2437"],"bugzilla":"1694065","bugzilla_description":"CVE-2019-0161 edk2: stack overflow in XHCI causing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121->CWE-400","affected_packages":["redhat-virtualization-host-0:4.3.5-20190722.0.el7_7","ovmf-0:20180508-6.gitee3198e672e2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2018-0737","severity":"low","public_date":"2018-04-16T00:00:00Z","advisories":["RHSA-2019:3932","RHSA-2019:3933","RHSA-2018:3221","RHSA-2019:3935"],"bugzilla":"1568253","bugzilla_description":"CVE-2018-0737 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["openssl-1:1.0.2k-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0737.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-0733","severity":"moderate","public_date":"2018-03-27T00:00:00Z","advisories":[],"bugzilla":"1561260","bugzilla_description":"CVE-2018-0733 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-325","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0733.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2018-0739","severity":"moderate","public_date":"2018-03-27T00:00:00Z","advisories":["RHSA-2019:0367","RHSA-2019:0366","RHSA-2018:3090","RHSA-2019:1712","RHSA-2019:1711","RHSA-2018:3221"],"bugzilla":"1561266","bugzilla_description":"CVE-2018-0739 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674->CWE-400","affected_packages":["ovmf-0:20180508-3.gitee3198e672e2.el7","openssl-1:1.0.2k-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0739.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5715","severity":"important","public_date":"2018-01-03T22:00:00Z","advisories":["RHBA-2018:0042"],"bugzilla":"1519780","bugzilla_description":"CVE-2017-5715 hw: cpu: speculative execution branch target injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-226->CWE-385->CWE-200","affected_packages":["dracut-0:033-502.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5715.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2017-3737","severity":"moderate","public_date":"2017-12-07T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1523504","bugzilla_description":"CVE-2017-3737 openssl: Read/write after SSL object in error state","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":["openssl-1:1.0.2k-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3737.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3738","severity":"low","public_date":"2017-12-07T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1523510","bugzilla_description":"CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["openssl-1:1.0.2k-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3738.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3736","severity":"moderate","public_date":"2017-11-02T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2575","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1509169","bugzilla_description":"CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":["openssl-1:1.0.2k-12.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3736.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3735","severity":"low","public_date":"2017-08-28T00:00:00Z","advisories":["RHSA-2018:3221"],"bugzilla":"1486144","bugzilla_description":"CVE-2017-3735 openssl: Malformed X.509 IPAdressFamily could cause OOB read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["openssl-1:1.0.2k-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3735.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-3733","severity":"important","public_date":"2017-02-16T00:00:00Z","advisories":[],"bugzilla":"1421695","bugzilla_description":"CVE-2017-3733 openssl: Encrypt-Then-Mac renegotiation crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3733.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3731","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2017:0286","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1416852","bugzilla_description":"CVE-2017-3731 openssl: Truncated packet could crash via OOB read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-125","affected_packages":["openssl-0:1.0.1e-48.el6_8.4","openssl-1:1.0.1e-60.el7_3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3731.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3730","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":[],"bugzilla":"1416855","bugzilla_description":"CVE-2017-3730 openssl: Bad (EC)DHE parameters cause a client crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3730.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3732","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2575","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1416856","bugzilla_description":"CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3732.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2016-7054","severity":"important","public_date":"2016-11-10T00:00:00Z","advisories":[],"bugzilla":"1393920","bugzilla_description":"CVE-2016-7054 openssl: Corrupting larger payloads when using ChaCha20/Poly1305 ciphersuites leads to DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7054.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-7053","severity":"moderate","public_date":"2016-11-10T00:00:00Z","advisories":[],"bugzilla":"1393930","bugzilla_description":"CVE-2016-7053 openssl: CMS Null dereference vulnerability","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7053.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7055","severity":"low","public_date":"2016-10-11T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1393929","bugzilla_description":"CVE-2016-7055 openssl: Carry propagating bug in Montgomery multiplication","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7055.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2016-6302","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2016:1940","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1369855","bugzilla_description":"CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["openssl-1:1.0.1e-51.el7_2.7","openssl-0:1.0.1e-48.el6_8.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6302.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6303","severity":"moderate","public_date":"2016-08-20T00:00:00Z","advisories":[],"bugzilla":"1370146","bugzilla_description":"CVE-2016-6303 openssl: Integer overflow in MDC2_Update()","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6303.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2014-8271","severity":"moderate","public_date":"2015-01-01T00:00:00Z","advisories":[],"bugzilla":"1162313","bugzilla_description":"CVE-2014-8271 uefi: INTEL-TA-201410-001 && INTEL-TA-201410-002","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8271.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenEXR-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenEXR-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenEXR-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-modalias_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-modalias_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-modalias_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-perl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-perl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI-perl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI_security_api_results.json new file mode 100644 index 0000000..038cb32 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/OpenIPMI_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2013-4786","severity":"moderate","public_date":"2013-07-08T00:00:00Z","advisories":[],"bugzilla":"1326638","bugzilla_description":"CVE-2013-4786 OpenIPMI, freeipmi: Leakage of password hashes via RAKP authentication","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4786.json"},{"CVE":"CVE-2011-4339","severity":"moderate","public_date":"2011-12-13T00:00:00Z","advisories":["RHSA-2011:1814","RHSA-2013:0123"],"bugzilla":"742837","bugzilla_description":"CVE-2011-4339 OpenIPMI: IPMI event daemon creates PID file with world writeable permissions","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["OpenIPMI-0:2.0.16-16.el5","ipmitool-0:1.8.11-12.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4339.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-command-not-found_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-command-not-found_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-command-not-found_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-glib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-glib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-glib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gstreamer-plugin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gstreamer-plugin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gstreamer-plugin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gtk3-module_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gtk3-module_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-gtk3-module_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-yum_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-yum_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit-yum_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit_security_api_results.json new file mode 100644 index 0000000..f02cb18 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PackageKit_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-16121","severity":"low","public_date":"2020-09-24T00:00:00Z","advisories":[],"bugzilla":"1884560","bugzilla_description":"CVE-2020-16121 PackageKit: local attacker could use this issue to learn the MIME type of any file on the system","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16121.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2020-16122","severity":"moderate","public_date":"2020-09-24T00:00:00Z","advisories":[],"bugzilla":"1884562","bugzilla_description":"CVE-2020-16122 PackageKit: local user could possibly use this issue to install untrusted packages","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16122.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2018-1106","severity":"moderate","public_date":"2018-04-23T14:00:00Z","advisories":["RHSA-2018:1224"],"bugzilla":"1565992","bugzilla_description":"CVE-2018-1106 PackageKit: authentication bypass allows to install signed packages without administrator privileges","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["PackageKit-0:1.1.5-2.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1106.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2013-1764","severity":"low","public_date":"2013-07-30T00:00:00Z","advisories":[],"bugzilla":"1090771","bugzilla_description":"CVE-2013-1764 PackageKit: downgrade packages when using the Zypper backend","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1764.json"},{"CVE":"CVE-2011-2515","severity":"low","public_date":"2011-07-01T00:00:00Z","advisories":[],"bugzilla":"717566","bugzilla_description":"CVE-2011-2515 PackageKit: installs unsigned RPM packages as though they were signed","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2515.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Package_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Package_security_api_results.json new file mode 100644 index 0000000..f02cb18 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Package_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-16121","severity":"low","public_date":"2020-09-24T00:00:00Z","advisories":[],"bugzilla":"1884560","bugzilla_description":"CVE-2020-16121 PackageKit: local attacker could use this issue to learn the MIME type of any file on the system","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16121.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2020-16122","severity":"moderate","public_date":"2020-09-24T00:00:00Z","advisories":[],"bugzilla":"1884562","bugzilla_description":"CVE-2020-16122 PackageKit: local user could possibly use this issue to install untrusted packages","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16122.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2018-1106","severity":"moderate","public_date":"2018-04-23T14:00:00Z","advisories":["RHSA-2018:1224"],"bugzilla":"1565992","bugzilla_description":"CVE-2018-1106 PackageKit: authentication bypass allows to install signed packages without administrator privileges","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["PackageKit-0:1.1.5-2.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1106.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2013-1764","severity":"low","public_date":"2013-07-30T00:00:00Z","advisories":[],"bugzilla":"1090771","bugzilla_description":"CVE-2013-1764 PackageKit: downgrade packages when using the Zypper backend","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1764.json"},{"CVE":"CVE-2011-2515","severity":"low","public_date":"2011-07-01T00:00:00Z","advisories":[],"bugzilla":"717566","bugzilla_description":"CVE-2011-2515 PackageKit: installs unsigned RPM packages as though they were signed","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2515.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyGreSQL_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyGreSQL_security_api_results.json new file mode 100644 index 0000000..0ccb458 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyGreSQL_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2009-2940","severity":"moderate","public_date":"2009-10-14T00:00:00Z","advisories":[],"bugzilla":"1516701","bugzilla_description":"CVE-2009-2940 PyGreSQL: Missing a function to call PQescapeStringConn()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2940.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"5.4"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyPAM_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyPAM_security_api_results.json new file mode 100644 index 0000000..ea6c007 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyPAM_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-1502","severity":"low","public_date":"2012-03-08T00:00:00Z","advisories":[],"bugzilla":"801116","bugzilla_description":"CVE-2012-1502 PyPAM: Double free by processing passwords containing NULL-bytes","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1502.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyQt4_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyYAML_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyYAML_security_api_results.json new file mode 100644 index 0000000..6ab42e0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/PyYAML_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14343","severity":"moderate","public_date":"2020-07-22T00:00:00Z","advisories":[],"bugzilla":"1860466","bugzilla_description":"CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14343.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-1747","severity":"moderate","public_date":"2020-03-02T00:00:00Z","advisories":[],"bugzilla":"1807367","bugzilla_description":"CVE-2020-1747 PyYAML: arbitrary command execution through python/object/new when FullLoader is used","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1747.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2019-20477","severity":"moderate","public_date":"2019-11-18T00:00:00Z","advisories":[],"bugzilla":"1806005","bugzilla_description":"CVE-2019-20477 PyYAML: command execution through python/object/apply constructor in FullLoader","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20477.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2017-18342","severity":"moderate","public_date":"2018-06-27T00:00:00Z","advisories":[],"bugzilla":"1595743","bugzilla_description":"CVE-2017-18342 PyYAML: yaml.load() API could execute arbitrary code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18342.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-as-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-as-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-as-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-bn-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-bn-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-bn-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-de-DE_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-de-DE_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-de-DE_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-en-US_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-en-US_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-en-US_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-es-ES_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-es-ES_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-es-ES_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-fr-FR_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-fr-FR_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-fr-FR_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-gu-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-gu-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-gu-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-hi-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-hi-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-hi-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-it-IT_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-it-IT_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-it-IT_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ja-JP_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ja-JP_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ja-JP_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-kn-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-kn-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-kn-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ko-KR_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ko-KR_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ko-KR_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ml-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ml-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ml-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-mr-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-mr-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-mr-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-or-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-or-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-or-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pa-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pa-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pa-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pt-BR_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pt-BR_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-pt-BR_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ru-RU_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ru-RU_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ru-RU_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ta-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ta-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-ta-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-te-IN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-te-IN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-te-IN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-CN_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-CN_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-CN_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-TW_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-TW_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/Red_Hat_Enterprise_Linux-Release_Notes-7-zh-TW_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL_security_api_results.json new file mode 100644 index 0000000..ad7c9f0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SDL_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-14906","severity":"important","public_date":"2019-11-25T00:00:00Z","advisories":["RHSA-2019:4024"],"bugzilla":"1777372","bugzilla_description":"CVE-2019-14906 SDL: CVE-2019-13616 not fixed in Red Hat Enterprise Linux 7 erratum RHSA-2019:3950","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-787|CWE-125)","affected_packages":["SDL-0:1.2.15-15.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14906.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-13616","severity":"important","public_date":"2019-07-30T00:00:00Z","advisories":["RHSA-2019:3951","RHSA-2020:0293","RHSA-2019:3950"],"bugzilla":"1747237","bugzilla_description":"CVE-2019-13616 SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-787|CWE-125)","affected_packages":["SDL-0:1.2.15-14.el7_7","SDL-0:1.2.15-36.el8_1","SDL-0:1.2.15-33.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13616.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-13626","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1731101","bugzilla_description":"CVE-2019-13626 SDL: integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c leads to heap-based buffer over-read in Fill_IMA_ADPCM_block","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13626.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2019-12221","severity":"low","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732250","bugzilla_description":"CVE-2019-12221 SDL: null-pointer dereference in function SDL_free_REAL in stdlib/SDL_malloc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12221.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-12216","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732252","bugzilla_description":"CVE-2019-12216 SDL: heap-based buffer overflow in function SDL2_image function IMG_LoadPCX_RW in IMG_pcx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12216.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-12217","severity":"low","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732254","bugzilla_description":"CVE-2019-12217 SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12217.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-12218","severity":"low","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732256","bugzilla_description":"CVE-2019-12218 SDL: null-pointer dereference in function IMG_LoadPCX_RW in IMG_pcx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12218.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-12219","severity":"low","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732258","bugzilla_description":"CVE-2019-12219 SDL: invalid free error in function SDL_SetError_REAL","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12219.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-12220","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732260","bugzilla_description":"CVE-2019-12220 SDL: out-of-bounds read in function SDL_FreePalette_REAL in video/SDL_pixels.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12220.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-12222","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":[],"bugzilla":"1732262","bugzilla_description":"CVE-2019-12222 SDL: out-of-bounds read in function SDL_InvalidateMap in video/SDL_pixels.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12222.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2019-7638","severity":"moderate","public_date":"2019-02-08T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1677143","bugzilla_description":"CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7638.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2019-7574","severity":"low","public_date":"2019-02-07T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676749","bugzilla_description":"CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7574.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2019-7637","severity":"moderate","public_date":"2019-02-07T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1677151","bugzilla_description":"CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7637.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2019-7636","severity":"moderate","public_date":"2019-02-07T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1677156","bugzilla_description":"CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7636.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2019-7635","severity":"low","public_date":"2019-02-07T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1677158","bugzilla_description":"CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7635.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2019-7577","severity":"low","public_date":"2019-02-06T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676509","bugzilla_description":"CVE-2019-7577 SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7577.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2019-7575","severity":"moderate","public_date":"2019-02-06T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676743","bugzilla_description":"CVE-2019-7575 SDL: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7575.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2019-7573","severity":"low","public_date":"2019-02-06T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676751","bugzilla_description":"CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7573.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2019-7572","severity":"moderate","public_date":"2019-02-06T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676753","bugzilla_description":"CVE-2019-7572 SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7572.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2019-7578","severity":"low","public_date":"2019-02-06T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676781","bugzilla_description":"CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7578.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2019-7576","severity":"low","public_date":"2019-02-05T00:00:00Z","advisories":["RHSA-2020:3868"],"bugzilla":"1676755","bugzilla_description":"CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["SDL-0:1.2.15-17.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7576.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.1"},{"CVE":"CVE-2017-2888","severity":"important","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500623","bugzilla_description":"CVE-2017-2888 SDL: Integer overflow while creating a new RGB surface","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2888.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SLOF_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SLOF_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/SLOF_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abattis-cantarell-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abattis-cantarell-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abattis-cantarell-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-ccpp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-ccpp_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-ccpp_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-kerneloops_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-kerneloops_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-kerneloops_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-pstoreoops_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-pstoreoops_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-pstoreoops_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-python_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-python_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-python_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-vmcore_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-vmcore_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-vmcore_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-xorg_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-xorg_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-addon-xorg_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-cli_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-cli_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-cli_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-console-notification_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-console-notification_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-console-notification_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-dbus_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-dbus_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-dbus_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-desktop_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-desktop_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-desktop_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-gui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-java-connector_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-java-connector_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-java-connector_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-python_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-python_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-python_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-tui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-tui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt-tui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt_security_api_results.json new file mode 100644 index 0000000..b4c3da5 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/abrt_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-5273","severity":"moderate","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2015:2505"],"bugzilla":"1262252","bugzilla_description":"CVE-2015-5273 abrt: Insecure temporary directory usage in abrt-action-install-debuginfo-to-abrt-cache","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-377","affected_packages":["abrt-0:2.1.11-35.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5273.json"},{"CVE":"CVE-2015-5287","severity":"moderate","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2015:2505"],"bugzilla":"1266837","bugzilla_description":"CVE-2015-5287 abrt: incorrect permissions on /var/spool/abrt","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["abrt-0:2.1.11-35.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5287.json"},{"CVE":"CVE-2015-3159","severity":"important","public_date":"2015-04-29T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1216962","bugzilla_description":"CVE-2015-3159 abrt: missing process environment sanitizaton in abrt-action-install-debuginfo-to-abrt-cache","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:N","CWE":"CWE-20","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3159.json"},{"CVE":"CVE-2015-3151","severity":"important","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1083"],"bugzilla":"1214451","bugzilla_description":"CVE-2015-3151 abrt: directory traversals in several D-Bus methods implemented by abrt-dbus","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:N","CWE":"CWE-22","affected_packages":["abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3151.json"},{"CVE":"CVE-2015-3150","severity":"important","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1083"],"bugzilla":"1214457","bugzilla_description":"CVE-2015-3150 abrt: abrt-dbus does not guard against crafted problem directory path arguments","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:N","CWE":"CWE-20","affected_packages":["abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3150.json"},{"CVE":"CVE-2015-3142","severity":"low","public_date":"2015-04-17T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1212818","bugzilla_description":"CVE-2015-3142 abrt: abrt-hook-ccpp writes core dumps to existing files owned by others","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-282->CWE-200","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3142.json"},{"CVE":"CVE-2015-1869","severity":"important","public_date":"2015-04-17T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1212861","bugzilla_description":"CVE-2015-1869 abrt: default event scripts follow symbolic links","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-59","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1869.json"},{"CVE":"CVE-2015-1870","severity":"low","public_date":"2015-04-17T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1212868","bugzilla_description":"CVE-2015-1870 abrt: default abrt event scripts lead to information disclosure","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1870.json"},{"CVE":"CVE-2015-3147","severity":"low","public_date":"2015-04-17T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1212953","bugzilla_description":"CVE-2015-3147 abrt: does not validate contents of uploaded problem reports","cvss_score":3.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:N/I:P/A:P","CWE":"CWE-283","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3147.json"},{"CVE":"CVE-2015-1862","severity":"important","public_date":"2015-04-14T00:00:00Z","advisories":[],"bugzilla":"1211223","bugzilla_description":"CVE-2015-1862 abrt: local privilege escalation through kernel.core_pattern","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1862.json"},{"CVE":"CVE-2015-3315","severity":"important","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:1210","RHSA-2015:1083"],"bugzilla":"1211835","bugzilla_description":"CVE-2015-3315 abrt: Various race-conditions and symlink issues found in abrt","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-362->CWE-59","affected_packages":["abrt-0:2.0.8-26.el6_6.1","abrt-0:2.1.11-22.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3315.json"},{"CVE":"CVE-2013-4209","severity":"low","public_date":"2013-09-06T00:00:00Z","advisories":[],"bugzilla":"991604","bugzilla_description":"CVE-2013-4209 ABRT: (substantially) limited leak of unauthorized information","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4209.json"},{"CVE":"CVE-2012-5659","severity":"important","public_date":"2013-01-30T00:00:00Z","advisories":["RHSA-2013:0215"],"bugzilla":"854011","bugzilla_description":"CVE-2012-5659 abrt: Arbitrary Python code execution due improper sanitization of the PYTHONPATH environment variable by installing debuginfo packages into cache","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["abrt-0:2.0.8-6.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5659.json"},{"CVE":"CVE-2012-5660","severity":"moderate","public_date":"2013-01-30T00:00:00Z","advisories":["RHSA-2013:0215"],"bugzilla":"887866","bugzilla_description":"CVE-2012-5660 abrt: Race condition in abrt-action-install-debuginfo","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":"CWE-426","affected_packages":["abrt-0:2.0.8-6.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5660.json"},{"CVE":"CVE-2012-1106","severity":"low","public_date":"2012-02-06T00:00:00Z","advisories":["RHSA-2012:0841"],"bugzilla":"785163","bugzilla_description":"CVE-2012-1106 abrt: Setuid process core dump archived with unsafe GID permissions","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["abrt-0:2.0.8-6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1106.json"},{"CVE":"CVE-2011-4088","severity":"low","public_date":"2011-11-18T00:00:00Z","advisories":["RHSA-2012:0841"],"bugzilla":"749854","bugzilla_description":"CVE-2011-4088 abrt: may leak some personal information to bugzilla with some certain applications","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["abrt-0:2.0.8-6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4088.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice_security_api_results.json new file mode 100644 index 0000000..7052de9 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/accountsservice_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-14036","severity":"moderate","public_date":"2018-07-13T00:00:00Z","advisories":[],"bugzilla":"1601019","bugzilla_description":"CVE-2018-14036 accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14036.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.0"},{"CVE":"CVE-2012-6655","severity":"low","public_date":"2012-09-17T00:00:00Z","advisories":[],"bugzilla":"1130538","bugzilla_description":"CVE-2012-6655 accountsservice: local encrypted password disclosure when changing password","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6655.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acl_security_api_results.json new file mode 100644 index 0000000..fe98cef --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acl_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-3183","severity":"critical","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:2943","RHSA-2018:2942","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002"],"bugzilla":"1639268","bugzilla_description":"CVE-2018-3183 OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-11-openjdk-1:11.0.1.13-3.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3183.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2018-3169","severity":"critical","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639293","bugzilla_description":"CVE-2018-3169 OpenJDK: Improper field access checks (Hotspot, 8199226)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-11-openjdk-1:11.0.1.13-3.el7_6","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3169.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-3214","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639301","bugzilla_description":"CVE-2018-3214 OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3214.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-3139","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639442","bugzilla_description":"CVE-2018-3139 OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-201","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-11-openjdk-1:11.0.1.13-3.el7_6","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3139.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2018-3180","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639484","bugzilla_description":"CVE-2018-3180 OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-11-openjdk-1:11.0.1.13-3.el7_6","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3180.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2018-3136","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639755","bugzilla_description":"CVE-2018-3136 OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-347","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-11-openjdk-1:11.0.1.13-3.el7_6","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3136.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2018-3149","severity":"important","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3409","RHSA-2018:2943","RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:2942","RHSA-2018:3350","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3521","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1639834","bugzilla_description":"CVE-2018-3149 OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-426","affected_packages":["java-1.7.0-openjdk-1:1.7.0.201-2.6.16.0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el6_10","java-1.8.0-openjdk-1:1.8.0.191.b12-0.el7_5","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-11-openjdk-1:11.0.1.13-3.el7_6","java-1.7.0-openjdk-1:1.7.0.201-2.6.16.1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3149.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-3209","severity":"critical","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3003","RHSA-2018:3002"],"bugzilla":"1639904","bugzilla_description":"CVE-2018-3209 Oracle JDK: unspecified vulnerability fixed in 8u191 (JavaFX)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3209.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-3211","severity":"moderate","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2018:3003","RHSA-2018:3002"],"bugzilla":"1639906","bugzilla_description":"CVE-2018-3211 Oracle JDK: unspecified vulnerability fixed in 8u191 and 11.0.1 (Serviceability)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3211.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.6"},{"CVE":"CVE-2018-2952","severity":"moderate","public_date":"2018-07-17T00:00:00Z","advisories":["RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2712","RHSA-2018:3008","RHSA-2018:2569","RHSA-2018:2283","RHSA-2018:3007","RHSA-2018:2256","RHSA-2018:2575","RHSA-2018:2576","RHSA-2018:2254","RHSA-2018:2255","RHSA-2018:2241","RHSA-2018:2253","RHSA-2018:2242","RHSA-2018:2286"],"bugzilla":"1600925","bugzilla_description":"CVE-2018-2952 OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.191-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.191-2.6.15.4.el6_10","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.2.el6_10","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.191-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.191-2.6.15.4.el7_5","java-1.8.0-openjdk-1:1.8.0.181-3.b13.el6_10","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.181-3.b13.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2952.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2938","severity":"important","public_date":"2018-07-17T00:00:00Z","advisories":[],"bugzilla":"1602141","bugzilla_description":"CVE-2018-2938 Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, and 8u181 (Java DB)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2938.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"9.0"},{"CVE":"CVE-2018-2964","severity":"critical","public_date":"2018-07-17T00:00:00Z","advisories":["RHSA-2018:2256","RHSA-2018:2253"],"bugzilla":"1602142","bugzilla_description":"CVE-2018-2964 Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el6","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2964.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2941","severity":"critical","public_date":"2018-07-17T00:00:00Z","advisories":["RHSA-2018:2256","RHSA-2018:2254","RHSA-2018:2255","RHSA-2018:2253"],"bugzilla":"1602143","bugzilla_description":"CVE-2018-2941 Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.191-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.191-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2941.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2942","severity":"critical","public_date":"2018-07-17T00:00:00Z","advisories":[],"bugzilla":"1602144","bugzilla_description":"CVE-2018-2942 Oracle JDK: unspecified vulnerability fixed in 7u191 and 8u181 (Windows DLL)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2942.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2973","severity":"moderate","public_date":"2018-07-17T00:00:00Z","advisories":["RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2712","RHSA-2018:3008","RHSA-2018:2569","RHSA-2018:3007","RHSA-2018:2256","RHSA-2018:2575","RHSA-2018:2576","RHSA-2018:2254","RHSA-2018:2255","RHSA-2018:2253"],"bugzilla":"1602145","bugzilla_description":"CVE-2018-2973 Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.2.el6_10","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.191-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2973.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-2940","severity":"moderate","public_date":"2018-07-17T00:00:00Z","advisories":["RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2712","RHSA-2018:3008","RHSA-2018:2569","RHSA-2018:3007","RHSA-2018:2256","RHSA-2018:2575","RHSA-2018:2576","RHSA-2018:2254","RHSA-2018:2255","RHSA-2018:2253"],"bugzilla":"1602146","bugzilla_description":"CVE-2018-2940 Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.2.el6_10","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.191-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.30-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2940.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-2814","severity":"critical","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1270","RHSA-2018:1206","RHSA-2018:1191","RHSA-2018:1204","RHSA-2018:1205","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567121","bugzilla_description":"CVE-2018-2814 OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2814.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2794","severity":"important","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567126","bugzilla_description":"CVE-2018-2794 OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2794.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-2795","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567351","bugzilla_description":"CVE-2018-2795 OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2795.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2815","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1270","RHSA-2018:1206","RHSA-2018:1191","RHSA-2018:1204","RHSA-2018:1205","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567537","bugzilla_description":"CVE-2018-2815 OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2815.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2799","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567542","bugzilla_description":"CVE-2018-2799 OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2799.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2798","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567543","bugzilla_description":"CVE-2018-2798 OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2798.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2797","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567545","bugzilla_description":"CVE-2018-2797 OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2797.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2796","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1567546","bugzilla_description":"CVE-2018-2796 OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2796.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2800","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1568163","bugzilla_description":"CVE-2018-2800 OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2800.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2018-2790","severity":"low","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1206","RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1204","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1270","RHSA-2018:1191","RHSA-2018:1202","RHSA-2018:1203","RHSA-2018:1201","RHSA-2018:1278","RHSA-2018:1188"],"bugzilla":"1568515","bugzilla_description":"CVE-2018-2790 OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-347","affected_packages":["java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.8.0-openjdk-1:1.8.0.171-3.b10.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.1.el6_9","java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-openjdk-1:1.8.0.171-7.b10.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.181-2.6.14.5.el7","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2790.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2018-2811","severity":"important","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1204","RHSA-2018:1202"],"bugzilla":"1569203","bugzilla_description":"CVE-2018-2811 Oracle JDK: unspecified vulnerability fixed in 8u171 and 10.0.1 (Install)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.171-1jpp.2.el6","java-1.8.0-oracle-1:1.8.0.171-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2811.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-2783","severity":"moderate","public_date":"2018-04-17T00:00:00Z","advisories":["RHSA-2018:1723","RHSA-2018:1724","RHSA-2018:1721","RHSA-2018:1974","RHSA-2018:1205","RHSA-2018:1722","RHSA-2018:1975","RHSA-2018:1203","RHSA-2018:0100","RHSA-2018:0099"],"bugzilla":"1569204","bugzilla_description":"CVE-2018-2783 Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6_9","java-1.6.0-sun-1:1.6.0.191-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el7","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.3.el6","java-1.6.0-sun-1:1.6.0.191-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.4.25-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.5.15-1jpp.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2783.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2018-13785","severity":"low","public_date":"2018-04-05T00:00:00Z","advisories":["RHSA-2018:3779","RHSA-2018:3008","RHSA-2018:3007","RHSA-2018:3534","RHSA-2018:3533","RHSA-2018:3852","RHSA-2018:3003","RHSA-2018:3002","RHSA-2018:3001","RHSA-2018:3672","RHSA-2018:3000","RHSA-2018:3671"],"bugzilla":"1599943","bugzilla_description":"CVE-2018-13785 libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-369","affected_packages":["java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.201-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.25-1jpp.1.el6_10","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.191-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.35-1jpp.1.el6_10","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.211-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13785.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-2678","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534263","bugzilla_description":"CVE-2018-2678 OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2678.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2677","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534288","bugzilla_description":"CVE-2018-2677 OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2677.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2663","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534296","bugzilla_description":"CVE-2018-2663 OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-2579","severity":"low","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534298","bugzilla_description":"CVE-2018-2579 OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-567","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2018-2588","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534299","bugzilla_description":"CVE-2018-2588 OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-90","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-2602","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534525","bugzilla_description":"CVE-2018-2602 OpenJDK: loading of classes from untrusted locations (I18n, 8182601)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-426","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2018-2599","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534543","bugzilla_description":"CVE-2018-2599 OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-330","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2018-2603","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534553","bugzilla_description":"CVE-2018-2603 OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2629","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0100","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534625","bugzilla_description":"CVE-2018-2629 OpenJDK: GSS context use-after-free (JGSS, 8186212)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-2618","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534762","bugzilla_description":"CVE-2018-2618 OpenJDK: insufficient strength of key agreement (JCE, 8185292)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-2641","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534766","bugzilla_description":"CVE-2018-2641 OpenJDK: GTK library loading use-after-free (AWT, 8185325)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-2582","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0521","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534768","bugzilla_description":"CVE-2018-2582 OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2018-2634","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534943","bugzilla_description":"CVE-2018-2634 OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2018-2637","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1534970","bugzilla_description":"CVE-2018-2637 OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2018-2633","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0095","RHSA-2018:0458","RHSA-2018:0349","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1535036","bugzilla_description":"CVE-2018-2633 OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.161-3.b14.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.161-0.b14.el7_4","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.171-2.6.13.0.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2018-2638","severity":"critical","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1535350","bugzilla_description":"CVE-2018-2638 Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2639","severity":"critical","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0351","RHSA-2018:0352","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1535351","bugzilla_description":"CVE-2018-2639 Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2627","severity":"important","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1535352","bugzilla_description":"CVE-2018-2627 Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-2657","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:0458","RHSA-2018:1812","RHSA-2018:0115","RHSA-2018:0521","RHSA-2018:0100","RHSA-2018:1463"],"bugzilla":"1535353","bugzilla_description":"CVE-2018-2657 Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2657.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-2581","severity":"moderate","public_date":"2018-01-16T00:00:00Z","advisories":["RHSA-2018:1812","RHSA-2018:0100","RHSA-2018:1463","RHSA-2018:0099"],"bugzilla":"1535354","bugzilla_description":"CVE-2018-2581 Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.161-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9","java-1.8.0-oracle-1:1.8.0.161-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-10285","severity":"critical","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1501868","bugzilla_description":"CVE-2017-10285 OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10285.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10346","severity":"critical","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1501873","bugzilla_description":"CVE-2017-10346 OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10346.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10388","severity":"important","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502038","bugzilla_description":"CVE-2017-10388 OpenJDK: use of unprotected sname in Kerberos client (Libraries, 8178794)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10388.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2017-10274","severity":"important","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3047"],"bugzilla":"1502053","bugzilla_description":"CVE-2017-10274 OpenJDK: CardImpl incorrect state handling (Smart Card IO, 8169026)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10274.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2017-10349","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502611","bugzilla_description":"CVE-2017-10349 OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10349.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10357","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502614","bugzilla_description":"CVE-2017-10357 OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10357.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10348","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502629","bugzilla_description":"CVE-2017-10348 OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10348.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10347","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502632","bugzilla_description":"CVE-2017-10347 OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10347.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10350","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502640","bugzilla_description":"CVE-2017-10350 OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10350.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10281","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502649","bugzilla_description":"CVE-2017-10281 OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10281.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10295","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502687","bugzilla_description":"CVE-2017-10295 OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-113","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10295.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-10345","severity":"low","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502858","bugzilla_description":"CVE-2017-10345 OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10345.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2017-10355","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1502869","bugzilla_description":"CVE-2017-10355 OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10355.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10356","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2998","RHSA-2017:2999","RHSA-2017:3392","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3047","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1503169","bugzilla_description":"CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9","java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10356.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.2"},{"CVE":"CVE-2017-10309","severity":"important","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3267"],"bugzilla":"1503319","bugzilla_description":"CVE-2017-10309 Oracle JDK: unspecified vulnerability fixed in 8u151 and 9.0.1 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10309.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2017-10293","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3047"],"bugzilla":"1503320","bugzilla_description":"CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10293.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-10107","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471266","bugzilla_description":"CVE-2017-10107 OpenJDK: insufficient access control checks in ActivationID (RMI, 8173697)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10107.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10089","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471270","bugzilla_description":"CVE-2017-10089 OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10089.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10090","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1791"],"bugzilla":"1471517","bugzilla_description":"CVE-2017-10090 OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10090.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10087","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471521","bugzilla_description":"CVE-2017-10087 OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10087.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10110","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471523","bugzilla_description":"CVE-2017-10110 OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10110.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10111","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:1790"],"bugzilla":"1471526","bugzilla_description":"CVE-2017-10111 OpenJDK: incorrect range checks in LambdaFormEditor (Libraries, 8184185)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10111.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10101","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471527","bugzilla_description":"CVE-2017-10101 OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10101.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10096","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471528","bugzilla_description":"CVE-2017-10096 OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10096.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10074","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:1790","RHSA-2017:1792","RHSA-2017:1791"],"bugzilla":"1471534","bugzilla_description":"CVE-2017-10074 OpenJDK: integer overflows in range check loop predicates (Hotspot, 8173770)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10074.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-10067","severity":"important","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471535","bugzilla_description":"CVE-2017-10067 OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10067.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-10109","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471670","bugzilla_description":"CVE-2017-10109 OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10109.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2017-10081","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:1790","RHSA-2017:1792","RHSA-2017:1791"],"bugzilla":"1471711","bugzilla_description":"CVE-2017-10081 OpenJDK: incorrect bracket processing in function signature handling (Hotspot, 8170966)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10081.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-10193","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:3392","RHSA-2017:1790","RHSA-2017:1792","RHSA-2017:1791"],"bugzilla":"1471715","bugzilla_description":"CVE-2017-10193 OpenJDK: incorrect key size constraint check (Security, 8179101)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10193.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2017-10116","severity":"important","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471738","bugzilla_description":"CVE-2017-10116 OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10116.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2017-10115","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471851","bugzilla_description":"CVE-2017-10115 OpenJDK: DSA implementation timing attack (JCE, 8175106)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10115.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-10135","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:1790","RHSA-2017:1792","RHSA-2017:1791"],"bugzilla":"1471871","bugzilla_description":"CVE-2017-10135 OpenJDK: PKCS#8 implementation timing attack (JCE, 8176760)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10135.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-10108","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471888","bugzilla_description":"CVE-2017-10108 OpenJDK: unbounded memory allocation in BasicAttribute deserialization (Serialization, 8174105)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10108.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2017-10053","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1471889","bugzilla_description":"CVE-2017-10053 OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10053.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-10078","severity":"important","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2469","RHSA-2017:1790","RHSA-2017:3453"],"bugzilla":"1471898","bugzilla_description":"CVE-2017-10078 OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10078.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-10198","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:3392","RHSA-2017:1790","RHSA-2017:1792","RHSA-2017:1791"],"bugzilla":"1472320","bugzilla_description":"CVE-2017-10198 OpenJDK: incorrect enforcement of certificate path restrictions (Security, 8179998)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10198.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-10102","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1472345","bugzilla_description":"CVE-2017-10102 OpenJDK: incorrect handling of references in DGC (RMI, 8163958)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10102.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-10118","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1790","RHSA-2017:1791"],"bugzilla":"1472470","bugzilla_description":"CVE-2017-10118 OpenJDK: ECDSA implementation timing attack (JCE, 8175110)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10118.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-10176","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1790","RHSA-2017:1791"],"bugzilla":"1472476","bugzilla_description":"CVE-2017-10176 OpenJDK: incorrect handling of certain EC points (Security, 8178135)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10176.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-10086","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1790","RHSA-2017:1791"],"bugzilla":"1472657","bugzilla_description":"CVE-2017-10086 Oracle JDK: unspecified vulnerability fixed in 7u151 and 8u141 (JavaFX)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10086.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-10114","severity":"critical","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1790","RHSA-2017:1791"],"bugzilla":"1472662","bugzilla_description":"CVE-2017-10114 Oracle JDK: unspecified vulnerability fixed in 7u151 and 8u141 (JavaFX)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10114.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-10125","severity":"important","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472664","bugzilla_description":"CVE-2017-10125 Oracle JDK: unspecified vulnerability fixed in 7u151 and 8u141 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10125.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2017-10243","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:1789","RHSA-2017:2424","RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1472666","bugzilla_description":"CVE-2017-10243 OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7","java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10243.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2017-10105","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2017:2469","RHSA-2017:2481","RHSA-2017:1790","RHSA-2017:3453","RHSA-2017:1792","RHSA-2017:1791","RHSA-2017:2530"],"bugzilla":"1472667","bugzilla_description":"CVE-2017-10105 Oracle JDK: unspecified vulnerability fixed in 6u161, 7u151, and 8u141 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.16.50-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.1.el6_9","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.3.el7","java-1.6.0-sun-1:1.6.0.161-1jpp.3.el7_3","java-1.8.0-oracle-1:1.8.0.141-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el7_3","java-1.6.0-sun-1:1.6.0.161-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.10-1jpp.2.el6_9","java-1.8.0-ibm-1:1.8.0.4.10-1jpp.3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10105.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-3511","severity":"moderate","public_date":"2017-04-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1108","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1221"],"bugzilla":"1443007","bugzilla_description":"CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-426","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3511.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-3509","severity":"moderate","public_date":"2017-04-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1119","RHSA-2017:1108","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221"],"bugzilla":"1443052","bugzilla_description":"CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3509.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2017-3544","severity":"low","public_date":"2017-04-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1119","RHSA-2017:1108","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221"],"bugzilla":"1443068","bugzilla_description":"CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3544.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-3539","severity":"moderate","public_date":"2017-04-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1119","RHSA-2017:1108","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221"],"bugzilla":"1443097","bugzilla_description":"CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3539.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2017-3526","severity":"moderate","public_date":"2017-04-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1119","RHSA-2017:1108"],"bugzilla":"1443252","bugzilla_description":"CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3526.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3512","severity":"critical","public_date":"2017-04-18T00:00:00Z","advisories":[],"bugzilla":"1443455","bugzilla_description":"CVE-2017-3512 OpenJDK: window framing issues on MacOSX (AWT, 8165626)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3512.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-3514","severity":"critical","public_date":"2017-04-18T00:00:00Z","advisories":[],"bugzilla":"1443469","bugzilla_description":"CVE-2017-3514 OpenJDK: peering issues on Windows (AWT, 8167110)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3514.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-3533","severity":"low","public_date":"2017-02-18T00:00:00Z","advisories":["RHSA-2017:1204","RHSA-2017:1118","RHSA-2017:1117","RHSA-2017:1109","RHSA-2017:1119","RHSA-2017:1108","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221"],"bugzilla":"1443083","bugzilla_description":"CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el7_3","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-0.b11.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.141-2.6.10.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.131-1jpp.1.el6","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-openjdk-1:1.8.0.131-2.b11.el7_3","java-1.7.0-oracle-1:1.7.0.141-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.151-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3533.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-3272","severity":"critical","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413554","bugzilla_description":"CVE-2017-3272 OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3272.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-3289","severity":"critical","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0176"],"bugzilla":"1413562","bugzilla_description":"CVE-2017-3289 OpenJDK: insecure class construction (Hotspot, 8167104)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3289.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-3253","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413583","bugzilla_description":"CVE-2017-3253 OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3253.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-3261","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413653","bugzilla_description":"CVE-2017-3261 OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-125","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3261.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-3231","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413717","bugzilla_description":"CVE-2017-3231 OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3231.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-5547","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0176"],"bugzilla":"1413764","bugzilla_description":"CVE-2016-5547 OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5547.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-5552","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413882","bugzilla_description":"CVE-2016-5552 OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5552.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-3252","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413906","bugzilla_description":"CVE-2017-3252 OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3252.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-5546","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413911","bugzilla_description":"CVE-2016-5546 OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5546.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2016-5548","severity":"important","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413920","bugzilla_description":"CVE-2016-5548 OpenJDK: DSA implementation timing attack (Libraries, 8168728)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5548.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2016-5549","severity":"important","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0176"],"bugzilla":"1413923","bugzilla_description":"CVE-2016-5549 OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5549.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-3241","severity":"critical","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0269","RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0180","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1413955","bugzilla_description":"CVE-2017-3241 OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3241.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-3262","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0175"],"bugzilla":"1414162","bugzilla_description":"CVE-2017-3262 Oracle JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3262.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-3259","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0337","RHSA-2017:0336","RHSA-2017:1216","RHSA-2017:0338","RHSA-2017:0175","RHSA-2017:0263","RHSA-2017:0177","RHSA-2017:0176"],"bugzilla":"1414163","bugzilla_description":"CVE-2017-3259 Oracle JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7","java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.141-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3259.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-8328","severity":"moderate","public_date":"2017-01-17T00:00:00Z","advisories":["RHSA-2017:0175"],"bugzilla":"1414164","bugzilla_description":"CVE-2016-8328 Oracle JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3","java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8328.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-5582","severity":"critical","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2016:2089","RHSA-2016:2088","RHSA-2017:0061","RHSA-2016:2658","RHSA-2016:2090"],"bugzilla":"1385402","bugzilla_description":"CVE-2016-5582 OpenJDK: incomplete type checks of System.arraycopy arguments (Hotspot, 8160591)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-843","affected_packages":["java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5582.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-5573","severity":"important","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2016:2089","RHSA-2016:2136","RHSA-2017:1216","RHSA-2016:2088","RHSA-2017:0061","RHSA-2016:2659","RHSA-2016:2658","RHSA-2016:2138","RHSA-2016:2137","RHSA-2016:2090"],"bugzilla":"1385544","bugzilla_description":"CVE-2016-5573 OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el7_2","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.60-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el7_2","java-1.6.0-ibm-1:1.6.0.16.35-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5573.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-5554","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2016:2089","RHSA-2016:2136","RHSA-2017:1216","RHSA-2016:2088","RHSA-2017:0061","RHSA-2016:2659","RHSA-2016:2658","RHSA-2016:2138","RHSA-2016:2137","RHSA-2016:2090"],"bugzilla":"1385714","bugzilla_description":"CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el7_2","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.60-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el7_2","java-1.6.0-ibm-1:1.6.0.16.35-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5554.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-5542","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2016:2089","RHSA-2016:2136","RHSA-2017:1216","RHSA-2016:2088","RHSA-2017:0061","RHSA-2016:2659","RHSA-2016:2658","RHSA-2016:2138","RHSA-2016:2137","RHSA-2016:2090"],"bugzilla":"1385723","bugzilla_description":"CVE-2016-5542 OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-327","affected_packages":["java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el7_2","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.60-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el7_2","java-1.6.0-ibm-1:1.6.0.16.35-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5542.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2016-5597","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2016:2089","RHSA-2016:2136","RHSA-2017:1216","RHSA-2016:2088","RHSA-2017:0061","RHSA-2016:2659","RHSA-2016:2658","RHSA-2016:2138","RHSA-2016:2137","RHSA-2016:2090"],"bugzilla":"1386103","bugzilla_description":"CVE-2016-5597 OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-319","affected_packages":["java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el6_8","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el7_2","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.60-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el7_2","java-1.6.0-ibm-1:1.6.0.16.35-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5597.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-5568","severity":"critical","public_date":"2016-10-18T00:00:00Z","advisories":[],"bugzilla":"1386112","bugzilla_description":"CVE-2016-5568 OpenJDK: incorrect menu handling on Windows (AWT, 8158993)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5568.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-5556","severity":"critical","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2016:2089","RHSA-2016:2136","RHSA-2017:1216","RHSA-2016:2088","RHSA-2016:2659","RHSA-2016:2138","RHSA-2016:2137","RHSA-2016:2090"],"bugzilla":"1386408","bugzilla_description":"CVE-2016-5556 Oracle JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11","java-1.8.0-ibm-1:1.8.0.3.20-1jpp.1.el7_2","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.60-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8","java-1.7.1-ibm-1:1.7.1.3.60-1jpp.1.el7_2","java-1.6.0-ibm-1:1.6.0.16.35-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5556.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-9843","severity":"low","public_date":"2016-09-29T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402351","bugzilla_description":"CVE-2016-9843 zlib: Big-endian out-of-bounds pointer","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9840","severity":"low","public_date":"2016-09-22T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402345","bugzilla_description":"CVE-2016-9840 zlib: Out-of-bounds pointer arithmetic in inftrees.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9841","severity":"low","public_date":"2016-09-22T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402346","bugzilla_description":"CVE-2016-9841 zlib: Out-of-bounds pointer arithmetic in inffast.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9842","severity":"low","public_date":"2016-09-06T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402348","bugzilla_description":"CVE-2016-9842 zlib: Undefined left shift of negative number","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10165","severity":"moderate","public_date":"2016-08-15T00:00:00Z","advisories":["RHSA-2016:2079","RHSA-2017:2999","RHSA-2017:3046","RHSA-2016:2658","RHSA-2017:3453","RHSA-2017:3264","RHSA-2017:3267","RHSA-2017:3268"],"bugzilla":"1367357","bugzilla_description":"CVE-2016-10165 lcms2: Out-of-bounds read in Type_MLU_Read()","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":["java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7","java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9","java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10165.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.7"},{"CVE":"CVE-2016-3606","severity":"critical","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1504","RHSA-2016:1776","RHSA-2016:1458"],"bugzilla":"1356963","bugzilla_description":"CVE-2016-3606 OpenJDK: insufficient bytecode verification (Hotspot, 8155981)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.6.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.4.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.5.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3606.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-3598","severity":"critical","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2017:1216","RHSA-2016:1504","RHSA-2016:1587","RHSA-2016:1588","RHSA-2016:1589","RHSA-2016:1458"],"bugzilla":"1356971","bugzilla_description":"CVE-2016-3598 OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.7.1-ibm-1:1.7.1.3.50-1jpp.1.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.1-ibm-1:1.7.1.3.50-1jpp.1.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.8.0-ibm-1:1.8.0.3.10-1jpp.2.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.50-1jpp.1.el5_11","java-1.8.0-ibm-1:1.8.0.3.10-1jpp.2.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3598.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-3587","severity":"critical","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1458"],"bugzilla":"1356987","bugzilla_description":"CVE-2016-3587 OpenJDK: insufficient protection of MethodHandle.invokeBasic() (Hotspot, 8154475)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3587.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-3610","severity":"critical","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1504","RHSA-2016:1458"],"bugzilla":"1356994","bugzilla_description":"CVE-2016-3610 OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3610.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-3500","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1504","RHSA-2016:1477","RHSA-2016:1776","RHSA-2016:1458"],"bugzilla":"1357008","bugzilla_description":"CVE-2016-3500 OpenJDK: maximum XML name limit not applied to namespace URIs (JAXP, 8148872)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.6.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.4.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.5.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3500.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-3508","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1504","RHSA-2016:1477","RHSA-2016:1776","RHSA-2016:1458"],"bugzilla":"1357015","bugzilla_description":"CVE-2016-3508 OpenJDK: missing entity replacement limits (JAXP, 8149962)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.6.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.4.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.5.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3508.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-3458","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1504","RHSA-2016:1477","RHSA-2016:1776","RHSA-2016:1458"],"bugzilla":"1357494","bugzilla_description":"CVE-2016-3458 OpenJDK: insufficient restrictions on the use of custom ValueHandler (CORBA, 8079718)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.6.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.4.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.5.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3458.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-3550","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1504","RHSA-2016:1477","RHSA-2016:1776","RHSA-2016:1458"],"bugzilla":"1357506","bugzilla_description":"CVE-2016-3550 OpenJDK: integer overflows in bytecode streams (Hotspot, 8152479)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-190","affected_packages":["java-1.7.0-openjdk-1:1.7.0.111-2.6.7.1.el5_11","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el6_8","java-1.8.0-openjdk-1:1.8.0.101-3.b13.el7_2","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.111-2.6.7.2.el7_2","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.6.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.4.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.40-1.13.12.5.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3550.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-3485","severity":"low","public_date":"2016-07-19T00:00:00Z","advisories":[],"bugzilla":"1357516","bugzilla_description":"CVE-2016-3485 OpenJDK: weak authentication secret in Pipe implementation on Windows (Networking, 8145446)","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3485.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2016-3552","severity":"important","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475"],"bugzilla":"1358167","bugzilla_description":"CVE-2016-3552 Oracle JDK: unspecified vulnerability fixed in 8u101 (Install)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3552.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2016-3511","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2017:1216","RHSA-2016:1587","RHSA-2016:1588","RHSA-2016:1589"],"bugzilla":"1358168","bugzilla_description":"CVE-2016-3511 Oracle JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-ibm-1:1.8.0.3.10-1jpp.2.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.50-1jpp.1.el6_8","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-ibm-1:1.7.0.9.50-1jpp.1.el5_11","java-1.8.0-ibm-1:1.8.0.3.10-1jpp.2.el7_2","java-1.7.1-ibm-1:1.7.1.3.50-1jpp.1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3511.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-3503","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476","RHSA-2016:1477"],"bugzilla":"1358169","bugzilla_description":"CVE-2016-3503 Oracle JDK: unspecified vulnerability fixed in 6u121, 7u111, and 8u101 (Install)","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.121-1jpp.1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3503.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-3498","severity":"moderate","public_date":"2016-07-19T00:00:00Z","advisories":["RHSA-2016:1475","RHSA-2016:1476"],"bugzilla":"1358170","bugzilla_description":"CVE-2016-3498 Oracle JDK: unspecified vulnerability fixed in 7u111 and 8u101 (JavaFX)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.111-1jpp.1.el6_8","java-1.8.0-oracle-1:1.8.0.101-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3498.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2016-0686","severity":"critical","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:1430","RHSA-2016:0650","RHSA-2016:0651","RHSA-2016:0708","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0723","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:0675","RHSA-2016:0676","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1327743","bugzilla_description":"CVE-2016-0686 OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0686.json"},{"CVE":"CVE-2016-0687","severity":"critical","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:1430","RHSA-2016:0650","RHSA-2016:0651","RHSA-2016:0708","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0723","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:0675","RHSA-2016:0676","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1327749","bugzilla_description":"CVE-2016-0687 OpenJDK: insufficient byte type checks (Hotspot, 8132051)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0687.json"},{"CVE":"CVE-2016-0695","severity":"low","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0650","RHSA-2016:0651","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0723","RHSA-2016:0675","RHSA-2016:0676","RHSA-2016:0677"],"bugzilla":"1328022","bugzilla_description":"CVE-2016-0695 OpenJDK: insufficient DSA key parameters checks (Security, 8138593)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0695.json"},{"CVE":"CVE-2016-3425","severity":"moderate","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0650","RHSA-2016:0651","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0723","RHSA-2016:0675","RHSA-2016:0676","RHSA-2016:0677"],"bugzilla":"1328040","bugzilla_description":"CVE-2016-3425 OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3425.json"},{"CVE":"CVE-2016-3426","severity":"low","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0708","RHSA-2016:1430","RHSA-2016:0650","RHSA-2016:0651","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1328059","bugzilla_description":"CVE-2016-3426 OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3426.json"},{"CVE":"CVE-2016-3427","severity":"critical","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:1430","RHSA-2016:0650","RHSA-2016:0651","RHSA-2016:0708","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0723","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:0675","RHSA-2016:0676","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1328210","bugzilla_description":"CVE-2016-3427 OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2","java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7","java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3427.json"},{"CVE":"CVE-2016-3443","severity":"critical","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0708","RHSA-2016:1430","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1328618","bugzilla_description":"CVE-2016-3443 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3443.json"},{"CVE":"CVE-2016-3449","severity":"important","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0708","RHSA-2016:1430","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1328619","bugzilla_description":"CVE-2016-3449 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3449.json"},{"CVE":"CVE-2016-3422","severity":"moderate","public_date":"2016-04-19T00:00:00Z","advisories":["RHSA-2016:0708","RHSA-2016:1430","RHSA-2017:1216","RHSA-2016:0716","RHSA-2016:0678","RHSA-2016:0679","RHSA-2016:0701","RHSA-2016:0702","RHSA-2016:1039","RHSA-2016:0677"],"bugzilla":"1328620","bugzilla_description":"CVE-2016-3422 Oracle JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.25-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el6","java-1.8.0-ibm-1:1.8.0.3.0-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7","java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3422.json"},{"CVE":"CVE-2016-0636","severity":"critical","public_date":"2016-03-23T00:00:00Z","advisories":["RHSA-2016:0513","RHSA-2016:0514","RHSA-2016:0515","RHSA-2016:0516","RHSA-2016:0511","RHSA-2016:0512"],"bugzilla":"1320650","bugzilla_description":"CVE-2016-0636 OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-358","affected_packages":["java-1.7.0-oracle-1:1.7.0.99-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.77-0.b03.el6_7","java-1.7.0-oracle-1:1.7.0.99-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.77-0.b03.el7_2","java-1.8.0-oracle-1:1.8.0.77-1jpp.1.el6_7","java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el6_7","java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el7_2","java-1.7.0-oracle-1:1.7.0.99-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.77-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0636.json"},{"CVE":"CVE-2016-0494","severity":"critical","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0067","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0049"],"bugzilla":"1298906","bugzilla_description":"CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-681","affected_packages":["java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el7_2","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el5_11","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json"},{"CVE":"CVE-2016-0475","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0050","RHSA-2016:0049"],"bugzilla":"1298949","bugzilla_description":"CVE-2016-0475 OpenJDK: PBE incorrect key lengths (Libraries, 8138589)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0475.json"},{"CVE":"CVE-2016-0402","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0067","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0049"],"bugzilla":"1298957","bugzilla_description":"CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el7_2","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el5_11","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0402.json"},{"CVE":"CVE-2016-0448","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0067","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0049"],"bugzilla":"1299073","bugzilla_description":"CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-532","affected_packages":["java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el7_2","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el5_11","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0448.json"},{"CVE":"CVE-2016-0466","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0067","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0049"],"bugzilla":"1299385","bugzilla_description":"CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el7_2","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el5_11","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0466.json"},{"CVE":"CVE-2016-0483","severity":"critical","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0067","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0049"],"bugzilla":"1299441","bugzilla_description":"CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":["java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el7_2","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.38-1.13.10.0.el5_11","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0483.json"},{"CVE":"CVE-2015-7575","severity":"moderate","public_date":"2016-01-06T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0100","RHSA-2016:0012","RHSA-2016:0101","RHSA-2016:0050","RHSA-2016:0053","RHSA-2016:0007","RHSA-2016:0008","RHSA-2016:0049"],"bugzilla":"1289841","bugzilla_description":"CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["openssl-0:1.0.1e-42.el6_7.2","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","nss-0:3.19.1-19.el7_2","gnutls-0:3.3.8-14.el7_2","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","gnutls-0:2.8.5-19.el6_7","java-1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","nss-0:3.19.1-8.el6_7","openssl-1:1.0.1e-51.el7_2.2","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json"},{"CVE":"CVE-2015-8126","severity":"moderate","public_date":"2015-11-12T00:00:00Z","advisories":["RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2015:2594","RHSA-2015:2595","RHSA-2015:2596"],"bugzilla":"1281756","bugzilla_description":"CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","libpng-2:1.5.13-7.el7_2","libpng12-0:1.2.50-7.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","libpng-2:1.2.49-2.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8126.json"},{"CVE":"CVE-2015-8472","severity":"moderate","public_date":"2015-11-12T00:00:00Z","advisories":["RHSA-2016:0098","RHSA-2016:0055","RHSA-2016:0099","RHSA-2016:1430","RHSA-2016:0056","RHSA-2016:0100","RHSA-2016:0057","RHSA-2016:0101","RHSA-2015:2594","RHSA-2015:2595","RHSA-2015:2596"],"bugzilla":"1281756","bugzilla_description":"CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["java-1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11","java-1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.111-1jpp.1.el7","java-1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5","java-1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7","libpng-2:1.5.13-7.el7_2","libpng12-0:1.2.50-7.el7_2","java-1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7","libpng-2:1.2.49-2.el6_7","java-1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8472.json"},{"CVE":"CVE-2015-4806","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1233687","bugzilla_description":"CVE-2015-4806 OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4806.json"},{"CVE":"CVE-2015-4835","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273022","bugzilla_description":"CVE-2015-4835 OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4835.json"},{"CVE":"CVE-2015-4881","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921"],"bugzilla":"1273027","bugzilla_description":"CVE-2015-4881 OpenJDK: missing type checks in IIOPInputStream (CORBA, 8076392)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4881.json"},{"CVE":"CVE-2015-4843","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273053","bugzilla_description":"CVE-2015-4843 OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-681->CWE-119","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4843.json"},{"CVE":"CVE-2015-4883","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273304","bugzilla_description":"CVE-2015-4883 OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4883.json"},{"CVE":"CVE-2015-4860","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273308","bugzilla_description":"CVE-2015-4860 OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4860.json"},{"CVE":"CVE-2015-4805","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273311","bugzilla_description":"CVE-2015-4805 OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-665","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4805.json"},{"CVE":"CVE-2015-4844","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273318","bugzilla_description":"CVE-2015-4844 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json"},{"CVE":"CVE-2015-4868","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926","RHSA-2015:1919"],"bugzilla":"1273328","bugzilla_description":"CVE-2015-4868 OpenJDK: CRL checking flaw (Libraries, 8081744)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4868.json"},{"CVE":"CVE-2015-4840","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273338","bugzilla_description":"CVE-2015-4840 OpenJDK: OOB access in CMS code (2D, 8086092)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4840.json"},{"CVE":"CVE-2015-4882","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273414","bugzilla_description":"CVE-2015-4882 OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4882.json"},{"CVE":"CVE-2015-4842","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273425","bugzilla_description":"CVE-2015-4842 OpenJDK: leak of user.dir location (JAXP, 8078427)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4842.json"},{"CVE":"CVE-2015-4734","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273430","bugzilla_description":"CVE-2015-4734 OpenJDK: kerberos realm name leak (JGSS, 8048030)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4734.json"},{"CVE":"CVE-2015-4903","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273496","bugzilla_description":"CVE-2015-4903 OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4903.json"},{"CVE":"CVE-2015-4803","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273637","bugzilla_description":"CVE-2015-4803 OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-407","affected_packages":["java-1.8.0-openjdk-1:1.8.0.65-2.b17.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.ael7b_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4803.json"},{"CVE":"CVE-2015-4893","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506"],"bugzilla":"1273638","bugzilla_description":"CVE-2015-4893 OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":["java-1.8.0-openjdk-1:1.8.0.65-2.b17.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.ael7b_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4893.json"},{"CVE":"CVE-2015-4911","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926","RHSA-2015:2086","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921"],"bugzilla":"1273645","bugzilla_description":"CVE-2015-4911 OpenJDK: incomplete supportDTD enforcement (JAXP, 8130078)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.65-2.b17.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.ael7b_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4911.json"},{"CVE":"CVE-2015-4872","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:1919","RHSA-2015:1920","RHSA-2015:1921","RHSA-2015:2506","RHSA-2015:2086"],"bugzilla":"1273734","bugzilla_description":"CVE-2015-4872 OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1","java-1.8.0-openjdk-1:1.8.0.65-2.b17.ael7b_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7","java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4872.json"},{"CVE":"CVE-2015-4901","severity":"critical","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926"],"bugzilla":"1273856","bugzilla_description":"CVE-2015-4901 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4901.json"},{"CVE":"CVE-2015-4810","severity":"important","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:2506"],"bugzilla":"1273858","bugzilla_description":"CVE-2015-4810 Oracle JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4810.json"},{"CVE":"CVE-2015-4871","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2016:0054","RHSA-2015:2507","RHSA-2016:1430","RHSA-2015:2509","RHSA-2015:1927","RHSA-2016:0053","RHSA-2015:2506"],"bugzilla":"1273859","bugzilla_description":"CVE-2015-4871 OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4871.json"},{"CVE":"CVE-2015-4902","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:2507","RHSA-2015:2518","RHSA-2015:2508","RHSA-2016:1430","RHSA-2015:1926","RHSA-2015:2509","RHSA-2015:1927","RHSA-2015:1928","RHSA-2015:2506"],"bugzilla":"1273860","bugzilla_description":"CVE-2015-4902 Oracle JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el7_1","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el6_7","java-1.5.0-ibm-1:1.5.0.16.14-1jpp.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.20-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el6_7","java-1.6.0-ibm-1:1.6.0.16.15-1jpp.1.el6_7","java-1.8.0-ibm-1:1.8.0.2.0-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.105-1jpp.2.el5_11","java-1.7.0-oracle-1:1.7.0.91-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1","java-1.7.1-ibm-1:1.7.1.3.20-1jpp.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4902.json"},{"CVE":"CVE-2015-4906","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926"],"bugzilla":"1273861","bugzilla_description":"CVE-2015-4906 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4906.json"},{"CVE":"CVE-2015-4916","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926"],"bugzilla":"1273862","bugzilla_description":"CVE-2015-4916 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4916.json"},{"CVE":"CVE-2015-4908","severity":"moderate","public_date":"2015-10-20T00:00:00Z","advisories":["RHSA-2015:1926"],"bugzilla":"1273863","bugzilla_description":"CVE-2015-4908 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el6_7","java-1.8.0-oracle-1:1.8.0.65-1jpp.3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4908.json"},{"CVE":"CVE-2015-2601","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242019","bugzilla_description":"CVE-2015-2601 OpenJDK: non-constant time comparisons in crypto code (JCE, 8074865)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-385","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2601.json"},{"CVE":"CVE-2015-2659","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1228","RHSA-2015:1241"],"bugzilla":"1242144","bugzilla_description":"CVE-2015-2659 OpenJDK: GCM cipher issue causing JVM crash (Security, 8067648)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2659.json"},{"CVE":"CVE-2015-2628","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1243","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242232","bugzilla_description":"CVE-2015-2628 OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-843","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2628.json"},{"CVE":"CVE-2015-4731","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242234","bugzilla_description":"CVE-2015-4731 OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4731.json"},{"CVE":"CVE-2015-4732","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242240","bugzilla_description":"CVE-2015-4732 OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-567","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4732.json"},{"CVE":"CVE-2015-4733","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242275","bugzilla_description":"CVE-2015-4733 OpenJDK: RemoteObjectInvocationHandler allows calling finalize() (RMI, 8076409)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4733.json"},{"CVE":"CVE-2015-4748","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242281","bugzilla_description":"CVE-2015-4748 OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-299","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4748.json"},{"CVE":"CVE-2015-2621","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242372","bugzilla_description":"CVE-2015-2621 OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2621.json"},{"CVE":"CVE-2015-4749","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242379","bugzilla_description":"CVE-2015-4749 OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-772","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4749.json"},{"CVE":"CVE-2015-2632","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242394","bugzilla_description":"CVE-2015-2632 ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-190->CWE-125","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json"},{"CVE":"CVE-2015-4760","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1242447","bugzilla_description":"CVE-2015-4760 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json"},{"CVE":"CVE-2015-2613","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1488","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1242456","bugzilla_description":"CVE-2015-2613 NSS / JCE: missing EC parameter validation in ECDH_Derive() (OpenJDK JCE, 8075833)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-358","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2613.json"},{"CVE":"CVE-2015-2590","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1243139","bugzilla_description":"CVE-2015-2590 OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2590.json"},{"CVE":"CVE-2015-2638","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243283","bugzilla_description":"CVE-2015-2638 Oracle JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2638.json"},{"CVE":"CVE-2015-4736","severity":"critical","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1488","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243284","bugzilla_description":"CVE-2015-4736 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4736.json"},{"CVE":"CVE-2015-2597","severity":"important","public_date":"2015-07-14T00:00:00Z","advisories":[],"bugzilla":"1243285","bugzilla_description":"CVE-2015-2597 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Install)","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2597.json"},{"CVE":"CVE-2015-2619","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1488","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243286","bugzilla_description":"CVE-2015-2619 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (2D)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2619.json"},{"CVE":"CVE-2015-2637","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243287","bugzilla_description":"CVE-2015-2637 Oracle JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (2D)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2637.json"},{"CVE":"CVE-2015-2596","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1242"],"bugzilla":"1243288","bugzilla_description":"CVE-2015-2596 Oracle JDK: unspecified vulnerability fixed in 7u85 (Hotspot)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2596.json"},{"CVE":"CVE-2015-4729","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1488","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243290","bugzilla_description":"CVE-2015-4729 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Deployment)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4729.json"},{"CVE":"CVE-2015-2627","severity":"low","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1243","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243291","bugzilla_description":"CVE-2015-2627 Oracle JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Install)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2627.json"},{"CVE":"CVE-2015-2664","severity":"moderate","public_date":"2015-07-14T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241"],"bugzilla":"1243300","bugzilla_description":"CVE-2015-2664 Oracle JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Deployment)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el6_7","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2664.json"},{"CVE":"CVE-2015-4000","severity":"moderate","public_date":"2015-05-20T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2016:2056","RHSA-2015:1228","RHSA-2015:1544","RHSA-2015:1488","RHSA-2015:1486","RHSA-2016:1624","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1197","RHSA-2015:1230","RHSA-2015:1185","RHSA-2015:1072"],"bugzilla":"1223211","bugzilla_description":"CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-327","affected_packages":["java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","nss-0:3.19.1-3.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.5.0-ibm-1:1.5.0.16.13-1jpp.3.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","nss-0:3.19.1-3.ael7b_1","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","openssl-0:1.0.1e-30.el6_6.9","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","openssl-1:1.0.1e-42.ael7b_1.6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.8.0-openjdk-1:1.8.0.51-1.b16.ael7b_1","openssl-0:0.9.8e-36.el5_11","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2015-0478","severity":"low","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1210355","bugzilla_description":"CVE-2015-0478 OpenJDK: insufficient hardening of RSA-CRT implementation (JCE, 8071726)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-358","affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0478.json"},{"CVE":"CVE-2015-0469","severity":"critical","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1210829","bugzilla_description":"CVE-2015-0469 ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-193->CWE-122","affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0469.json"},{"CVE":"CVE-2015-0460","severity":"critical","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211285","bugzilla_description":"CVE-2015-0460 OpenJDK: incorrect handling of phantom references (Hotspot, 8071931)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0460.json"},{"CVE":"CVE-2015-0477","severity":"moderate","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211299","bugzilla_description":"CVE-2015-0477 OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0477.json"},{"CVE":"CVE-2015-0470","severity":"moderate","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:0809"],"bugzilla":"1211387","bugzilla_description":"CVE-2015-0470 OpenJDK: incorrect handling of default methods (Hotspot, 8065366)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0470.json"},{"CVE":"CVE-2015-0488","severity":"moderate","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211543","bugzilla_description":"CVE-2015-0488 OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-248","affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0488.json"},{"CVE":"CVE-2015-0459","severity":"critical","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211768","bugzilla_description":"CVE-2015-0459 Oracle JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0459.json"},{"CVE":"CVE-2015-0491","severity":"critical","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211769","bugzilla_description":"CVE-2015-0491 Oracle JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0491.json"},{"CVE":"CVE-2015-0492","severity":"critical","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:0857"],"bugzilla":"1211770","bugzilla_description":"CVE-2015-0492 Oracle JDK: unspecified vulnerability fixed in 7u79 and 8u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0492.json"},{"CVE":"CVE-2015-0458","severity":"important","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211771","bugzilla_description":"CVE-2015-0458 Oracle JDK: unspecified vulnerability fixed in 6u95, 7u79 and 8u45 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0458.json"},{"CVE":"CVE-2015-0484","severity":"important","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:0857"],"bugzilla":"1211773","bugzilla_description":"CVE-2015-0484 Oracle JDK: unspecified vulnerability fixed in 7u79 and 8u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0484.json"},{"CVE":"CVE-2015-0486","severity":"moderate","public_date":"2015-04-14T00:00:00Z","advisories":["RHSA-2015:0854"],"bugzilla":"1211774","bugzilla_description":"CVE-2015-0486 Oracle JDK: unspecified vulnerability fixed in 8u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0486.json"},{"CVE":"CVE-2015-2808","severity":"moderate","public_date":"2015-03-30T00:00:00Z","advisories":["RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:1243","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230","RHSA-2015:1021","RHSA-2015:1020"],"bugzilla":"1207101","bugzilla_description":"CVE-2015-2808 SSL/TLS: \"Invariance Weakness\" vulnerability in RC4 stream cipher","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2808.json"},{"CVE":"CVE-2015-0383","severity":"low","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0067","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1123870","bugzilla_description":"CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-377","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0383.json"},{"CVE":"CVE-2014-6601","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0067","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183020","bugzilla_description":"CVE-2014-6601 OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6601.json"},{"CVE":"CVE-2015-0412","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183021","bugzilla_description":"CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0412.json"},{"CVE":"CVE-2015-0408","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183023","bugzilla_description":"CVE-2015-0408 OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0408.json"},{"CVE":"CVE-2015-0395","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0067","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183031","bugzilla_description":"CVE-2015-0395 OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0395.json"},{"CVE":"CVE-2015-0400","severity":"moderate","public_date":"2015-01-20T00:00:00Z","advisories":[],"bugzilla":"1183039","bugzilla_description":"CVE-2015-0400 OpenJDK: NTLM authentication data disclosure via redirect to proxy (Libraries, 8048035)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0400.json"},{"CVE":"CVE-2015-0407","severity":"moderate","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183043","bugzilla_description":"CVE-2015-0407 OpenJDK: directory information leak via file chooser (Swing, 8055304)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0407.json"},{"CVE":"CVE-2015-0410","severity":"moderate","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183044","bugzilla_description":"CVE-2015-0410 OpenJDK: DER decoder infinite loop (Security, 8059485)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0410.json"},{"CVE":"CVE-2014-6593","severity":"moderate","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183049","bugzilla_description":"CVE-2014-6593 OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6593.json"},{"CVE":"CVE-2014-6585","severity":"low","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183645","bugzilla_description":"CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6585.json"},{"CVE":"CVE-2014-6591","severity":"low","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0136","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0080","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183646","bugzilla_description":"CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.5.0-ibm-1:1.5.0.16.9-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json"},{"CVE":"CVE-2014-6549","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069","RHSA-2015:0134","RHSA-2015:0133"],"bugzilla":"1183660","bugzilla_description":"CVE-2014-6549 OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6549.json"},{"CVE":"CVE-2015-0437","severity":"critical","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069"],"bugzilla":"1183670","bugzilla_description":"CVE-2015-0437 OpenJDK: code generation issue (Hotspot, 8064524)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0437.json"},{"CVE":"CVE-2014-6587","severity":"low","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0069","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0068","RHSA-2015:0134","RHSA-2015:0067","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086","RHSA-2015:0085"],"bugzilla":"1183715","bugzilla_description":"CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264)","cvss_score":4.1,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-476","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6587.json"},{"CVE":"CVE-2015-0403","severity":"important","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0134","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086"],"bugzilla":"1184275","bugzilla_description":"CVE-2015-0403 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0403.json"},{"CVE":"CVE-2015-0421","severity":"important","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080"],"bugzilla":"1184276","bugzilla_description":"CVE-2015-0421 Oracle JDK: unspecified vulnerability fixed in 8u31 (Install)","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0421.json"},{"CVE":"CVE-2015-0406","severity":"moderate","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0135","RHSA-2015:0079","RHSA-2015:0134","RHSA-2015:0133","RHSA-2015:0264","RHSA-2015:0263","RHSA-2015:0086"],"bugzilla":"1184277","bugzilla_description":"CVE-2015-0406 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6","java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0406.json"},{"CVE":"CVE-2015-0413","severity":"low","public_date":"2015-01-20T00:00:00Z","advisories":["RHSA-2015:0080","RHSA-2015:0079"],"bugzilla":"1184278","bugzilla_description":"CVE-2015-0413 Oracle JDK: unspecified vulnerability fixed in 7u75 and 8u31 (Serviceability)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0413.json"},{"CVE":"CVE-2015-2625","severity":"low","public_date":"2014-11-02T00:00:00Z","advisories":["RHSA-2015:1604","RHSA-2015:1526","RHSA-2015:1229","RHSA-2015:1228","RHSA-2015:1488","RHSA-2015:1486","RHSA-2015:1243","RHSA-2015:1485","RHSA-2015:1242","RHSA-2015:1241","RHSA-2015:1230"],"bugzilla":"1241965","bugzilla_description":"CVE-2015-2625 OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-295","affected_packages":["java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11","java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6","java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6","java-1.7.1-ibm-1:1.7.1.3.10-1jpp.3.el6_7","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7","java-1.7.0-ibm-1:1.7.0.9.10-1jpp.2.el5","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.ael7b_1","java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6","java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el6_7","java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.7-1jpp.1.el5","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2625.json"},{"CVE":"CVE-2014-6512","severity":"low","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1071210","bugzilla_description":"CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-345","affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6512.json"},{"CVE":"CVE-2014-6513","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1150118","bugzilla_description":"CVE-2014-6513 OpenJDK: splash image handling memory corruption (AWT, 8042609)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6513.json"},{"CVE":"CVE-2014-6506","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1150155","bugzilla_description":"CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6506.json"},{"CVE":"CVE-2014-6504","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1634","RHSA-2014:1633"],"bugzilla":"1150182","bugzilla_description":"CVE-2014-6504 OpenJDK: incorrect optimization of range checks in C2 compiler (Hotspot, 8022783)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6504.json"},{"CVE":"CVE-2014-6519","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1634","RHSA-2014:1633"],"bugzilla":"1150273","bugzilla_description":"CVE-2014-6519 OpenJDK: missing BootstrapMethods bounds check (Hotspot, 8041717)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6519.json"},{"CVE":"CVE-2014-6531","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1150651","bugzilla_description":"CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6531.json"},{"CVE":"CVE-2014-6502","severity":"low","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1150669","bugzilla_description":"CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6502.json"},{"CVE":"CVE-2014-6457","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1151046","bugzilla_description":"CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6457.json"},{"CVE":"CVE-2014-6558","severity":"low","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1151063","bugzilla_description":"CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6558.json"},{"CVE":"CVE-2014-6517","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1634","RHSA-2014:1633"],"bugzilla":"1151364","bugzilla_description":"CVE-2014-6517 OpenJDK: StAX parser parameter entity XXE (JAXP, 8039533)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6517.json"},{"CVE":"CVE-2014-6511","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1620","RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1636","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1634","RHSA-2014:1876","RHSA-2014:1633","RHSA-2015:0264","RHSA-2014:1881","RHSA-2014:1880"],"bugzilla":"1151517","bugzilla_description":"CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6","java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0","java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6511.json"},{"CVE":"CVE-2014-6562","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1636"],"bugzilla":"1151988","bugzilla_description":"CVE-2014-6562 OpenJDK: incorrect handling of zip entries with NUL in name (Libraries, 8048025)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6562.json"},{"CVE":"CVE-2014-6468","severity":"low","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1636"],"bugzilla":"1152049","bugzilla_description":"CVE-2014-6468 OpenJDK: insufficient SharedArchiveFile checks (Hotspot, 8044269)","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6468.json"},{"CVE":"CVE-2014-6532","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152756","bugzilla_description":"CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6532.json"},{"CVE":"CVE-2014-6503","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152757","bugzilla_description":"CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6503.json"},{"CVE":"CVE-2014-6456","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1657","RHSA-2014:1876","RHSA-2014:1880"],"bugzilla":"1152758","bugzilla_description":"CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6456.json"},{"CVE":"CVE-2014-6492","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152759","bugzilla_description":"CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6492.json"},{"CVE":"CVE-2014-6493","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152760","bugzilla_description":"CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6493.json"},{"CVE":"CVE-2014-4288","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152761","bugzilla_description":"CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4288.json"},{"CVE":"CVE-2014-6466","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152762","bugzilla_description":"CVE-2014-6466 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6466.json"},{"CVE":"CVE-2014-6458","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152763","bugzilla_description":"CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6458.json"},{"CVE":"CVE-2014-6476","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1657","RHSA-2014:1876","RHSA-2014:1880"],"bugzilla":"1152765","bugzilla_description":"CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6476.json"},{"CVE":"CVE-2014-6515","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1658","RHSA-2014:1657","RHSA-2014:1877","RHSA-2014:1876","RHSA-2015:0264","RHSA-2014:1880"],"bugzilla":"1152766","bugzilla_description":"CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6515.json"},{"CVE":"CVE-2014-6527","severity":"low","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1882","RHSA-2014:1657","RHSA-2014:1876","RHSA-2014:1880"],"bugzilla":"1152767","bugzilla_description":"CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7","java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6527.json"},{"CVE":"CVE-2014-3566","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2015:1546","RHSA-2015:1545","RHSA-2015:0069","RHSA-2015:0079","RHSA-2015:0068","RHSA-2014:1881","RHSA-2014:1880","RHSA-2015:0080","RHSA-2014:1882","RHSA-2014:1877","RHSA-2014:1876","RHSA-2014:1920","RHSA-2015:0067","RHSA-2015:0012","RHSA-2015:0011","RHSA-2015:0264","RHSA-2015:0010","RHSA-2015:0086","RHSA-2015:0085","RHBA-2014:1857"],"bugzilla":"1152789","bugzilla_description":"CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"(CWE-636|CWE-757)","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","openshift-origin-node-proxy-0:1.16.4.2-1.el6op","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","openshift-origin-node-proxy-0:1.22.3.4-1.el6op","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"CVE":"CVE-2014-4262","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1075795","bugzilla_description":"CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4262.json"},{"CVE":"CVE-2014-4244","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119475","bugzilla_description":"CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4244.json"},{"CVE":"CVE-2014-4263","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119476","bugzilla_description":"CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4263.json"},{"CVE":"CVE-2014-4221","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:1041","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:1042"],"bugzilla":"1119483","bugzilla_description":"CVE-2014-4221 OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4221.json"},{"CVE":"CVE-2014-4219","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119596","bugzilla_description":"CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4219.json"},{"CVE":"CVE-2014-2490","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907"],"bugzilla":"1119597","bugzilla_description":"CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-134","affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2490.json"},{"CVE":"CVE-2014-4216","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:0902","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907"],"bugzilla":"1119600","bugzilla_description":"CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4216.json"},{"CVE":"CVE-2014-4223","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:0889","RHSA-2014:0890"],"bugzilla":"1119602","bugzilla_description":"CVE-2014-4223 OpenJDK: Incorrect handling of invocations with exhausted ranks (Libraries, 8035793)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4223.json"},{"CVE":"CVE-2014-4209","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119608","bugzilla_description":"CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4209.json"},{"CVE":"CVE-2014-4218","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119611","bugzilla_description":"CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4218.json"},{"CVE":"CVE-2014-4252","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:1036","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119613","bugzilla_description":"CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.5.0-ibm-1:1.5.0.16.7-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4252.json"},{"CVE":"CVE-2014-4266","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:1041","RHSA-2014:0889","RHSA-2014:0890","RHSA-2014:0907","RHSA-2014:1042"],"bugzilla":"1119615","bugzilla_description":"CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el5_10","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.4.el7_0","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4266.json"},{"CVE":"CVE-2014-4268","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":[],"bugzilla":"1119616","bugzilla_description":"CVE-2014-4268 OpenJDK: Missing file choser access restrictions (Swing, 8035699)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4268.json"},{"CVE":"CVE-2014-4264","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902"],"bugzilla":"1119622","bugzilla_description":"CVE-2014-4264 OpenJDK: Incorrect TLS/EC management (Security, 8031340)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4264.json"},{"CVE":"CVE-2014-2483","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:0889","RHSA-2014:0890"],"bugzilla":"1119626","bugzilla_description":"CVE-2014-2483 OpenJDK: Restrict use of privileged annotations (Libraries, 8034985)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el6_5","java-1.7.0-openjdk-1:1.7.0.65-2.5.1.2.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2483.json"},{"CVE":"CVE-2014-4227","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119912","bugzilla_description":"CVE-2014-4227 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4227.json"},{"CVE":"CVE-2014-4265","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0908","RHSA-2014:0902","RHSA-2014:1041","RHSA-2015:0264","RHSA-2014:1033","RHSA-2014:1042"],"bugzilla":"1119913","bugzilla_description":"CVE-2014-4265 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el5_10","java-1.6.0-sun-1:1.6.0.81-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.6.0-ibm-1:1.6.0.16.1-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4265.json"},{"CVE":"CVE-2014-4220","severity":"moderate","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:1041","RHSA-2014:1042"],"bugzilla":"1119914","bugzilla_description":"CVE-2014-4220 Oracle JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4220.json"},{"CVE":"CVE-2014-4208","severity":"low","public_date":"2014-07-15T00:00:00Z","advisories":["RHSA-2014:0902","RHSA-2014:1041","RHSA-2014:1042"],"bugzilla":"1119915","bugzilla_description":"CVE-2014-4208 Oracle JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.65-1jpp.2.el5_10","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el7","java-1.7.0-oracle-1:1.7.0.65-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.1-1jpp.1.el7_0","java-1.7.0-ibm-1:1.7.0.7.1-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4208.json"},{"CVE":"CVE-2014-4247","severity":"critical","public_date":"2014-07-15T00:00:00Z","advisories":[],"bugzilla":"1119918","bugzilla_description":"CVE-2014-4247 Oracle JDK: unspecified vulnerability fixed in 8u11 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4247.json"},{"CVE":"CVE-2015-3149","severity":"low","public_date":"2014-04-20T00:00:00Z","advisories":["RHSA-2015:1228"],"bugzilla":"1213365","bugzilla_description":"CVE-2015-3149 OpenJDK8: insecure hsperfdata temporary file handling, CVE-2015-0383 regression (Hotspot)","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-377","affected_packages":["java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6","java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3149.json"},{"CVE":"CVE-2014-2398","severity":"low","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1086632","bugzilla_description":"CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2398.json"},{"CVE":"CVE-2014-0453","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1086645","bugzilla_description":"CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0453.json"},{"CVE":"CVE-2014-0429","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087409","bugzilla_description":"CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0429.json"},{"CVE":"CVE-2014-0457","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087411","bugzilla_description":"CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0457.json"},{"CVE":"CVE-2014-0456","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0675","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0406"],"bugzilla":"1087413","bugzilla_description":"CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0456.json"},{"CVE":"CVE-2014-2421","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087417","bugzilla_description":"CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2421.json"},{"CVE":"CVE-2014-2397","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0675","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0406"],"bugzilla":"1087423","bugzilla_description":"CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2397.json"},{"CVE":"CVE-2014-0455","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0705","RHSA-2014:0406"],"bugzilla":"1087424","bugzilla_description":"CVE-2014-0455 OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0455.json"},{"CVE":"CVE-2014-0461","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508"],"bugzilla":"1087426","bugzilla_description":"CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0461.json"},{"CVE":"CVE-2014-2412","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087427","bugzilla_description":"CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2412.json"},{"CVE":"CVE-2014-0451","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087428","bugzilla_description":"CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0451.json"},{"CVE":"CVE-2014-0458","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508"],"bugzilla":"1087430","bugzilla_description":"CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0458.json"},{"CVE":"CVE-2014-2414","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508"],"bugzilla":"1087431","bugzilla_description":"CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2414.json"},{"CVE":"CVE-2014-2423","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508"],"bugzilla":"1087434","bugzilla_description":"CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2423.json"},{"CVE":"CVE-2014-0452","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508"],"bugzilla":"1087436","bugzilla_description":"CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0452.json"},{"CVE":"CVE-2014-2402","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0705","RHSA-2014:0406"],"bugzilla":"1087438","bugzilla_description":"CVE-2014-2402 OpenJDK: Incorrect NIO channel separation (Libraries, 8026716)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2402.json"},{"CVE":"CVE-2014-0446","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087439","bugzilla_description":"CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0446.json"},{"CVE":"CVE-2014-0454","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0705","RHSA-2014:0406"],"bugzilla":"1087440","bugzilla_description":"CVE-2014-0454 OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0454.json"},{"CVE":"CVE-2014-2427","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087441","bugzilla_description":"CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2427.json"},{"CVE":"CVE-2014-0460","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1087442","bugzilla_description":"CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0460.json"},{"CVE":"CVE-2014-2403","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0675","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0406"],"bugzilla":"1087443","bugzilla_description":"CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2403.json"},{"CVE":"CVE-2014-0459","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0705","RHSA-2014:0406"],"bugzilla":"1087444","bugzilla_description":"CVE-2014-0459 lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0459.json"},{"CVE":"CVE-2014-2413","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0675","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0406"],"bugzilla":"1087446","bugzilla_description":"CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2413.json"},{"CVE":"CVE-2014-0432","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0412","RHSA-2014:0413"],"bugzilla":"1088023","bugzilla_description":"CVE-2014-0432 Oracle JDK: unspecified vulnerability fixed in 7u55 and 8u5 (Libraries)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0432.json"},{"CVE":"CVE-2014-0448","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0486","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705"],"bugzilla":"1088024","bugzilla_description":"CVE-2014-0448 Oracle JDK: unspecified vulnerability fixed in 7u55 and 8u5 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0448.json"},{"CVE":"CVE-2014-2428","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508"],"bugzilla":"1088025","bugzilla_description":"CVE-2014-2428 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2428.json"},{"CVE":"CVE-2014-2422","severity":"important","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0412","RHSA-2014:0413"],"bugzilla":"1088026","bugzilla_description":"CVE-2014-2422 Oracle JDK: unspecified vulnerability fixed in 7u55 and 8u5 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2422.json"},{"CVE":"CVE-2014-2409","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508"],"bugzilla":"1088027","bugzilla_description":"CVE-2014-2409 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2409.json"},{"CVE":"CVE-2014-0449","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508"],"bugzilla":"1088028","bugzilla_description":"CVE-2014-0449 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0449.json"},{"CVE":"CVE-2014-2401","severity":"moderate","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1088030","bugzilla_description":"CVE-2014-2401 Oracle JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2401.json"},{"CVE":"CVE-2014-2420","severity":"low","public_date":"2014-04-15T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508"],"bugzilla":"1088031","bugzilla_description":"CVE-2014-2420 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2420.json"},{"CVE":"CVE-2014-0463","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":[],"bugzilla":"1088039","bugzilla_description":"Oracle JDK: unspecified vulnerabilities fixed in 8u5 (JavaFX, Scripting)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0463.json"},{"CVE":"CVE-2014-0464","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":[],"bugzilla":"1088039","bugzilla_description":"Oracle JDK: unspecified vulnerabilities fixed in 8u5 (JavaFX, Scripting)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0464.json"},{"CVE":"CVE-2014-2410","severity":"critical","public_date":"2014-04-15T00:00:00Z","advisories":[],"bugzilla":"1088039","bugzilla_description":"Oracle JDK: unspecified vulnerabilities fixed in 8u5 (JavaFX, Scripting)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2410.json"},{"CVE":"CVE-2014-1876","severity":"low","public_date":"2014-02-03T00:00:00Z","advisories":["RHSA-2014:0685","RHSA-2014:0982","RHSA-2014:0675","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0407","RHSA-2014:0408","RHSA-2014:0705","RHSA-2014:0406","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1060907","bugzilla_description":"CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-377","affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1876.json"},{"CVE":"CVE-2013-4578","severity":"low","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1031471","bugzilla_description":"CVE-2013-4578 OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4578.json"},{"CVE":"CVE-2014-0428","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051519","bugzilla_description":"CVE-2014-0428 OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0428.json"},{"CVE":"CVE-2014-0422","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051528","bugzilla_description":"CVE-2014-0422 OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0422.json"},{"CVE":"CVE-2013-5893","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0026","RHSA-2014:0027","RHSA-2014:0030"],"bugzilla":"1051549","bugzilla_description":"CVE-2013-5893 OpenJDK: JVM method processing issues (Libraries, 8029507)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5893.json"},{"CVE":"CVE-2014-0373","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051699","bugzilla_description":"CVE-2014-0373 OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0373.json"},{"CVE":"CVE-2013-5878","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051823","bugzilla_description":"CVE-2013-5878 OpenJDK: null xmlns handling issue (Security, 8025026)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5878.json"},{"CVE":"CVE-2013-5884","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051911","bugzilla_description":"CVE-2013-5884 OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5884.json"},{"CVE":"CVE-2014-0416","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051912","bugzilla_description":"CVE-2014-0416 OpenJDK: insecure subject principals set handling (JAAS, 8024306)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0416.json"},{"CVE":"CVE-2014-0376","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1051923","bugzilla_description":"CVE-2014-0376 OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0376.json"},{"CVE":"CVE-2013-5907","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1052915","bugzilla_description":"CVE-2013-5907 ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5907.json"},{"CVE":"CVE-2014-0368","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1052919","bugzilla_description":"CVE-2014-0368 OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0368.json"},{"CVE":"CVE-2013-5910","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1052942","bugzilla_description":"CVE-2013-5910 OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5910.json"},{"CVE":"CVE-2014-0411","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1053010","bugzilla_description":"CVE-2014-0411 OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0411.json"},{"CVE":"CVE-2014-0423","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1053066","bugzilla_description":"CVE-2014-0423 OpenJDK: XXE issue in decoder (Beans, 8023245)","cvss_score":5.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:N/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0423.json"},{"CVE":"CVE-2013-5896","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0026","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0027","RHSA-2014:0705","RHSA-2014:0030","RHSA-2014:0097"],"bugzilla":"1053266","bugzilla_description":"CVE-2013-5896 OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el6_5","java-1.6.0-openjdk-1:1.6.0.0-3.1.13.1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5896.json"},{"CVE":"CVE-2014-0408","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":[],"bugzilla":"1053286","bugzilla_description":"CVE-2014-0408 OpenJDK: JObjC code issues (Hotspot, 8021266)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0408.json"},{"CVE":"CVE-2014-0410","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053495","bugzilla_description":"CVE-2014-0410 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0410.json"},{"CVE":"CVE-2014-0415","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053496","bugzilla_description":"CVE-2014-0415 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0415.json"},{"CVE":"CVE-2014-0385","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":[],"bugzilla":"1053498","bugzilla_description":"CVE-2014-0385 Oracle JDK: unspecified vulnerability fixed in 7u51 (Install)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0385.json"},{"CVE":"CVE-2013-5889","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053499","bugzilla_description":"CVE-2013-5889 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5889.json"},{"CVE":"CVE-2014-0417","severity":"critical","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0136","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053501","bugzilla_description":"CVE-2014-0417 Oracle JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.5.0-ibm-1:1.5.0.16.5-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0417.json"},{"CVE":"CVE-2014-0387","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053502","bugzilla_description":"CVE-2014-0387 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0387.json"},{"CVE":"CVE-2014-0424","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053504","bugzilla_description":"CVE-2014-0424 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0424.json"},{"CVE":"CVE-2013-5904","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0030"],"bugzilla":"1053506","bugzilla_description":"CVE-2013-5904 Oracle JDK: unspecified vulnerability fixed in 7u51 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5904.json"},{"CVE":"CVE-2014-0403","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053507","bugzilla_description":"CVE-2014-0403 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0403.json"},{"CVE":"CVE-2014-0375","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053508","bugzilla_description":"CVE-2014-0375 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0375.json"},{"CVE":"CVE-2013-5905","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2014:0030"],"bugzilla":"1053509","bugzilla_description":"CVE-2013-5905 Oracle JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5905.json"},{"CVE":"CVE-2013-5906","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2014:0030"],"bugzilla":"1053510","bugzilla_description":"CVE-2013-5906 Oracle JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5906.json"},{"CVE":"CVE-2013-5902","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2014:0030"],"bugzilla":"1053512","bugzilla_description":"CVE-2013-5902 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5902.json"},{"CVE":"CVE-2014-0418","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2014:0030"],"bugzilla":"1053513","bugzilla_description":"CVE-2014-0418 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0418.json"},{"CVE":"CVE-2013-5887","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053515","bugzilla_description":"CVE-2013-5887 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5887.json"},{"CVE":"CVE-2013-5899","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053516","bugzilla_description":"CVE-2013-5899 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5899.json"},{"CVE":"CVE-2013-5888","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053517","bugzilla_description":"CVE-2013-5888 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5888.json"},{"CVE":"CVE-2013-5898","severity":"moderate","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0135","RHSA-2014:0134","RHSA-2014:0414","RHSA-2014:0705","RHSA-2014:0030"],"bugzilla":"1053518","bugzilla_description":"CVE-2013-5898 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.6.1-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.15.1-1jpp.1.el6_5","java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5898.json"},{"CVE":"CVE-2013-5870","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0030"],"bugzilla":"1053540","bugzilla_description":"CVE-2013-5870 CVE-2013-5895 CVE-2014-0382 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5870.json"},{"CVE":"CVE-2013-5895","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0030"],"bugzilla":"1053540","bugzilla_description":"CVE-2013-5870 CVE-2013-5895 CVE-2014-0382 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5895.json"},{"CVE":"CVE-2014-0382","severity":"important","public_date":"2014-01-14T00:00:00Z","advisories":["RHSA-2014:0030"],"bugzilla":"1053540","bugzilla_description":"CVE-2013-5870 CVE-2013-5895 CVE-2014-0382 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0382.json"},{"CVE":"CVE-2013-6954","severity":"low","public_date":"2013-12-19T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508"],"bugzilla":"1045561","bugzilla_description":"CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6954.json"},{"CVE":"CVE-2013-6629","severity":"moderate","public_date":"2013-11-12T00:00:00Z","advisories":["RHSA-2014:0982","RHSA-2014:0486","RHSA-2014:0414","RHSA-2013:1803","RHSA-2013:1804","RHSA-2014:0412","RHSA-2014:0413","RHSA-2014:0705","RHSA-2014:0508","RHSA-2014:0509"],"bugzilla":"1031734","bugzilla_description":"CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-456","affected_packages":["java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0","java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5","libjpeg-0:6b-38","libjpeg-turbo-0:1.2.1-3.el6_5","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5","java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5","java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6629.json"},{"CVE":"CVE-2013-5803","severity":"low","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018713","bugzilla_description":"CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5803.json"},{"CVE":"CVE-2013-5772","severity":"low","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018717","bugzilla_description":"CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5772.json"},{"CVE":"CVE-2013-5797","severity":"low","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018720","bugzilla_description":"CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5797.json"},{"CVE":"CVE-2013-5784","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018727","bugzilla_description":"CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5784.json"},{"CVE":"CVE-2013-5790","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447"],"bugzilla":"1018736","bugzilla_description":"CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5790.json"},{"CVE":"CVE-2013-5849","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018750","bugzilla_description":"CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5849.json"},{"CVE":"CVE-2013-5800","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1507","RHSA-2013:1447"],"bugzilla":"1018755","bugzilla_description":"CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5800.json"},{"CVE":"CVE-2013-5805","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":[],"bugzilla":"1018761","bugzilla_description":"CVE-2013-5805 CVE-2013-5806 OpenJDK: insufficient access checks in MacOS code (Swing, 8021275, 8021282)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5805.json"},{"CVE":"CVE-2013-5806","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":[],"bugzilla":"1018761","bugzilla_description":"CVE-2013-5805 CVE-2013-5806 OpenJDK: insufficient access checks in MacOS code (Swing, 8021275, 8021282)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5806.json"},{"CVE":"CVE-2013-5780","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018785","bugzilla_description":"CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5780.json"},{"CVE":"CVE-2013-5840","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018831","bugzilla_description":"CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5840.json"},{"CVE":"CVE-2013-5820","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018972","bugzilla_description":"CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5820.json"},{"CVE":"CVE-2013-5851","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1507","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018977","bugzilla_description":"CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5851.json"},{"CVE":"CVE-2013-5778","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1018984","bugzilla_description":"CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5778.json"},{"CVE":"CVE-2013-5782","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019108","bugzilla_description":"CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5782.json"},{"CVE":"CVE-2013-5830","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019110","bugzilla_description":"CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5830.json"},{"CVE":"CVE-2013-5809","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019113","bugzilla_description":"CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5809.json"},{"CVE":"CVE-2013-5829","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019115","bugzilla_description":"CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5829.json"},{"CVE":"CVE-2013-5814","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019117","bugzilla_description":"CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5814.json"},{"CVE":"CVE-2013-5817","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019118","bugzilla_description":"CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5817.json"},{"CVE":"CVE-2013-5842","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019123","bugzilla_description":"CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5842.json"},{"CVE":"CVE-2013-5850","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019127","bugzilla_description":"CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5850.json"},{"CVE":"CVE-2013-5802","severity":"important","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019130","bugzilla_description":"CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5_10","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5802.json"},{"CVE":"CVE-2013-5804","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019131","bugzilla_description":"CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5804.json"},{"CVE":"CVE-2013-3829","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019133","bugzilla_description":"CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3829.json"},{"CVE":"CVE-2013-5783","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019137","bugzilla_description":"CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5783.json"},{"CVE":"CVE-2013-5825","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019139","bugzilla_description":"CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5825.json"},{"CVE":"CVE-2013-5823","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019145","bugzilla_description":"CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5823.json"},{"CVE":"CVE-2013-5774","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1505","RHSA-2013:1447","RHSA-2013:1793"],"bugzilla":"1019147","bugzilla_description":"CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5774.json"},{"CVE":"CVE-2013-4002","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0269","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2015:0773","RHSA-2013:1081","RHSA-2013:1060","RHSA-2014:0414","RHSA-2014:1823","RHSA-2014:1822","RHSA-2014:1821","RHSA-2013:1505","RHSA-2013:1447","RHSA-2014:1319","RHSA-2013:1059","RHSA-2014:1818"],"bugzilla":"1019176","bugzilla_description":"CVE-2013-4002 Xerces-J2 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","xerces-j2-0:2.7.1-12.7.el6_5","xerces-j2-0:2.11.0-17.el7_0","java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el5_9","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el5_9","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4002.json"},{"CVE":"CVE-2013-5838","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2013:1507","RHSA-2013:1447"],"bugzilla":"1019300","bugzilla_description":"CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5838.json"},{"CVE":"CVE-2013-5824","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019691","bugzilla_description":"CVE-2013-5824 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5824.json"},{"CVE":"CVE-2013-5788","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1507"],"bugzilla":"1019692","bugzilla_description":"CVE-2013-5788 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5788.json"},{"CVE":"CVE-2013-5787","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019693","bugzilla_description":"CVE-2013-5787 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5787.json"},{"CVE":"CVE-2013-5789","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019697","bugzilla_description":"CVE-2013-5789 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5789.json"},{"CVE":"CVE-2013-5843","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019701","bugzilla_description":"CVE-2013-5843 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5843.json"},{"CVE":"CVE-2013-5832","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019702","bugzilla_description":"CVE-2013-5832 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5832.json"},{"CVE":"CVE-2013-5852","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2014:0414"],"bugzilla":"1019705","bugzilla_description":"CVE-2013-5852 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5852.json"},{"CVE":"CVE-2013-5812","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019706","bugzilla_description":"CVE-2013-5812 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5812.json"},{"CVE":"CVE-2013-5801","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2013:1509","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019710","bugzilla_description":"CVE-2013-5801 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5801.json"},{"CVE":"CVE-2013-5776","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019712","bugzilla_description":"CVE-2013-5776 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5776.json"},{"CVE":"CVE-2013-5818","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019713","bugzilla_description":"CVE-2013-5818 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5818.json"},{"CVE":"CVE-2013-5819","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019715","bugzilla_description":"CVE-2013-5819 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5819.json"},{"CVE":"CVE-2013-5831","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019716","bugzilla_description":"CVE-2013-5831 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5831.json"},{"CVE":"CVE-2013-5848","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440","RHSA-2013:1508","RHSA-2014:0414","RHSA-2013:1507","RHSA-2013:1793"],"bugzilla":"1019720","bugzilla_description":"CVE-2013-5848 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5848.json"},{"CVE":"CVE-2013-5775","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5775.json"},{"CVE":"CVE-2013-5777","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5777.json"},{"CVE":"CVE-2013-5810","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5810.json"},{"CVE":"CVE-2013-5844","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5844.json"},{"CVE":"CVE-2013-5846","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5846.json"},{"CVE":"CVE-2013-5854","severity":"critical","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1440"],"bugzilla":"1019722","bugzilla_description":"CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5854.json"},{"CVE":"CVE-2013-1571","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"973474","bugzilla_description":"CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1571.json"},{"CVE":"CVE-2013-2470","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975099","bugzilla_description":"CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2470.json"},{"CVE":"CVE-2013-2471","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975102","bugzilla_description":"CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2471.json"},{"CVE":"CVE-2013-2472","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975107","bugzilla_description":"CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2472.json"},{"CVE":"CVE-2013-2473","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975110","bugzilla_description":"CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2473.json"},{"CVE":"CVE-2013-2463","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975115","bugzilla_description":"CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2463.json"},{"CVE":"CVE-2013-2465","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975118","bugzilla_description":"CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2465.json"},{"CVE":"CVE-2013-2469","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975120","bugzilla_description":"CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2469.json"},{"CVE":"CVE-2013-2459","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975121","bugzilla_description":"CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2459.json"},{"CVE":"CVE-2013-2460","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975122","bugzilla_description":"CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2460.json"},{"CVE":"CVE-2013-2445","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:0963","RHSA-2013:1014"],"bugzilla":"975124","bugzilla_description":"CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2445.json"},{"CVE":"CVE-2013-2448","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975125","bugzilla_description":"CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2448.json"},{"CVE":"CVE-2013-2461","severity":"important","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:0963","RHSA-2013:1014"],"bugzilla":"975126","bugzilla_description":"CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2461.json"},{"CVE":"CVE-2013-2407","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975127","bugzilla_description":"CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2407.json"},{"CVE":"CVE-2013-2454","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975129","bugzilla_description":"CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2454.json"},{"CVE":"CVE-2013-2458","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975130","bugzilla_description":"CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2458.json"},{"CVE":"CVE-2013-2444","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975131","bugzilla_description":"CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2444.json"},{"CVE":"CVE-2013-2446","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975132","bugzilla_description":"CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2446.json"},{"CVE":"CVE-2013-2457","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975133","bugzilla_description":"CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2457.json"},{"CVE":"CVE-2013-2453","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975134","bugzilla_description":"CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2453.json"},{"CVE":"CVE-2013-2443","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975137","bugzilla_description":"CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2443.json"},{"CVE":"CVE-2013-2452","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975138","bugzilla_description":"CVE-2013-2452 OpenJDK: Unique VMIDs (Libraries, 8001033)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2452.json"},{"CVE":"CVE-2013-2455","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975139","bugzilla_description":"CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2455.json"},{"CVE":"CVE-2013-2447","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975140","bugzilla_description":"CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2447.json"},{"CVE":"CVE-2013-2450","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975141","bugzilla_description":"CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2450.json"},{"CVE":"CVE-2013-2456","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975142","bugzilla_description":"CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2456.json"},{"CVE":"CVE-2013-2412","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975144","bugzilla_description":"CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2412.json"},{"CVE":"CVE-2013-2449","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2013:0957","RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975145","bugzilla_description":"CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2449.json"},{"CVE":"CVE-2013-2451","severity":"low","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975146","bugzilla_description":"CVE-2013-2451 OpenJDK: exclusive port binding (Networking, 7170730)","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2451.json"},{"CVE":"CVE-2013-1500","severity":"low","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:0958","RHSA-2014:0414","RHSA-2013:0957","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1014","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975148","bugzilla_description":"CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.41.1.11.11.90.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.25-2.3.10.4.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.62.1.11.11.90.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1500.json"},{"CVE":"CVE-2013-2464","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1081","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975757","bugzilla_description":"CVE-2013-2464 Oracle JDK: unspecified vulnerability fixed in 7u25 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2464.json"},{"CVE":"CVE-2013-2468","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975761","bugzilla_description":"CVE-2013-2468 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2468.json"},{"CVE":"CVE-2013-2466","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975764","bugzilla_description":"CVE-2013-2466 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2466.json"},{"CVE":"CVE-2013-3743","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1081","RHSA-2013:1456","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975767","bugzilla_description":"CVE-2013-3743 Oracle JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3743.json"},{"CVE":"CVE-2013-2462","severity":"critical","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975769","bugzilla_description":"CVE-2013-2462 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2462.json"},{"CVE":"CVE-2013-2442","severity":"important","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975770","bugzilla_description":"CVE-2013-2442 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2442.json"},{"CVE":"CVE-2013-2467","severity":"important","public_date":"2013-06-18T00:00:00Z","advisories":[],"bugzilla":"975772","bugzilla_description":"CVE-2013-2467 Oracle JDK: unspecified vulnerability fixed in 5u51 (Install)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2467.json"},{"CVE":"CVE-2013-2437","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2014:0414","RHSA-2013:1060","RHSA-2013:1456","RHSA-2013:0963","RHSA-2013:1455","RHSA-2013:1059"],"bugzilla":"975773","bugzilla_description":"CVE-2013-2437 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2437.json"},{"CVE":"CVE-2013-2400","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975774","bugzilla_description":"CVE-2013-2400 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2400.json"},{"CVE":"CVE-2013-3744","severity":"moderate","public_date":"2013-06-18T00:00:00Z","advisories":["RHSA-2013:1060","RHSA-2013:0963"],"bugzilla":"975775","bugzilla_description":"CVE-2013-3744 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.25-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3744.json"},{"CVE":"CVE-2013-0401","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"920245","bugzilla_description":"CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0401.json"},{"CVE":"CVE-2013-1488","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"920247","bugzilla_description":"CVE-2013-1488 OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1488.json"},{"CVE":"CVE-2013-1537","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952387","bugzilla_description":"CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1537.json"},{"CVE":"CVE-2013-2415","severity":"low","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952389","bugzilla_description":"CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2415.json"},{"CVE":"CVE-2013-2423","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0752","RHSA-2013:0751"],"bugzilla":"952398","bugzilla_description":"CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2423.json"},{"CVE":"CVE-2013-2424","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952509","bugzilla_description":"CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2424.json"},{"CVE":"CVE-2013-2429","severity":"important","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952521","bugzilla_description":"CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2429.json"},{"CVE":"CVE-2013-2430","severity":"important","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952524","bugzilla_description":"CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2430.json"},{"CVE":"CVE-2013-2436","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0752","RHSA-2013:0751"],"bugzilla":"952550","bugzilla_description":"CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2436.json"},{"CVE":"CVE-2013-2420","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952638","bugzilla_description":"CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2420.json"},{"CVE":"CVE-2013-1558","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952640","bugzilla_description":"CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1558.json"},{"CVE":"CVE-2013-2422","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952642","bugzilla_description":"CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2422.json"},{"CVE":"CVE-2013-2431","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952645","bugzilla_description":"CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2431.json"},{"CVE":"CVE-2013-1518","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952646","bugzilla_description":"CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1518.json"},{"CVE":"CVE-2013-1557","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952648","bugzilla_description":"CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1557.json"},{"CVE":"CVE-2013-2421","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952649","bugzilla_description":"CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2421.json"},{"CVE":"CVE-2013-2426","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0752","RHSA-2013:0770","RHSA-2013:0751"],"bugzilla":"952653","bugzilla_description":"CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2426.json"},{"CVE":"CVE-2013-2419","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952656","bugzilla_description":"CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2419.json"},{"CVE":"CVE-2013-2417","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952657","bugzilla_description":"CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2417.json"},{"CVE":"CVE-2013-2383","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952708","bugzilla_description":"CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2383.json"},{"CVE":"CVE-2013-2384","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952709","bugzilla_description":"CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2384.json"},{"CVE":"CVE-2013-1569","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:0752","RHSA-2013:1456","RHSA-2013:0770","RHSA-2013:1455","RHSA-2013:0751"],"bugzilla":"952711","bugzilla_description":"CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el5_9","java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.40.1.11.11.el5_9","java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.61.1.11.11.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1569.json"},{"CVE":"CVE-2013-1561","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1561.json"},{"CVE":"CVE-2013-1564","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1564.json"},{"CVE":"CVE-2013-2414","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2414.json"},{"CVE":"CVE-2013-2427","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2427.json"},{"CVE":"CVE-2013-2428","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2428.json"},{"CVE":"CVE-2013-2438","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822"],"bugzilla":"953135","bugzilla_description":"Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2438.json"},{"CVE":"CVE-2013-1540","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953166","bugzilla_description":"CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1540.json"},{"CVE":"CVE-2013-1563","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953172","bugzilla_description":"CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1563.json"},{"CVE":"CVE-2013-2394","severity":"important","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953265","bugzilla_description":"CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2394.json"},{"CVE":"CVE-2013-2416","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822"],"bugzilla":"953266","bugzilla_description":"CVE-2013-2416 Oracle JDK: unspecified vulnerability fixed in 7u21 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2416.json"},{"CVE":"CVE-2013-2418","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953267","bugzilla_description":"CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2418.json"},{"CVE":"CVE-2013-2425","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"953268","bugzilla_description":"CVE-2013-2425 Oracle JDK: unspecified vulnerability fixed in 7u21 (Install)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2425.json"},{"CVE":"CVE-2013-2432","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953269","bugzilla_description":"CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2432.json"},{"CVE":"CVE-2013-2433","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953270","bugzilla_description":"CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2433.json"},{"CVE":"CVE-2013-2434","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0822"],"bugzilla":"953272","bugzilla_description":"CVE-2013-2434 Oracle JDK: unspecified vulnerability fixed in 7u21 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2434.json"},{"CVE":"CVE-2013-2435","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953273","bugzilla_description":"CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2435.json"},{"CVE":"CVE-2013-2439","severity":"moderate","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0757","RHSA-2013:0758"],"bugzilla":"953274","bugzilla_description":"CVE-2013-2439 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2439.json"},{"CVE":"CVE-2013-2440","severity":"critical","public_date":"2013-04-16T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"953275","bugzilla_description":"CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2440.json"},{"CVE":"CVE-2013-0402","severity":"critical","public_date":"2013-03-06T00:00:00Z","advisories":["RHSA-2013:0757"],"bugzilla":"920246","bugzilla_description":"CVE-2013-0402 Oracle JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0402.json"},{"CVE":"CVE-2013-1491","severity":"critical","public_date":"2013-03-06T00:00:00Z","advisories":["RHSA-2013:0823","RHSA-2013:0757","RHSA-2013:0822","RHSA-2013:0855","RHSA-2013:0758","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"920248","bugzilla_description":"CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.6.0-sun-1:1.6.0.45-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1491.json"},{"CVE":"CVE-2013-0809","severity":"critical","public_date":"2013-03-04T00:00:00Z","advisories":["RHSA-2013:0603","RHSA-2013:0625","RHSA-2013:0602","RHSA-2013:0624","RHSA-2013:0605","RHSA-2013:0604","RHSA-2013:0626","RHSA-2013:1456","RHSA-2013:0601","RHSA-2013:0600","RHSA-2013:1455"],"bugzilla":"917550","bugzilla_description":"CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-1.36.1.11.9.el5_9","java-1.7.0-oracle-1:1.7.0.17-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4","java-1.6.0-sun-1:1.6.0.43-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0809.json"},{"CVE":"CVE-2013-1493","severity":"critical","public_date":"2013-03-04T00:00:00Z","advisories":["RHSA-2013:0603","RHSA-2013:0625","RHSA-2013:0602","RHSA-2013:0624","RHSA-2013:0605","RHSA-2013:0604","RHSA-2013:0626","RHSA-2013:1456","RHSA-2013:0601","RHSA-2013:0600","RHSA-2013:1455"],"bugzilla":"917553","bugzilla_description":"CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-1.36.1.11.9.el5_9","java-1.7.0-oracle-1:1.7.0.17-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4","java-1.6.0-sun-1:1.6.0.43-1jpp.1.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1493.json"},{"CVE":"CVE-2013-1486","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0274","RHSA-2013:0273","RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0532","RHSA-2013:1456","RHSA-2013:0275","RHSA-2013:1455","RHSA-2013:0531"],"bugzilla":"913014","bugzilla_description":"CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.41-1jpp.1.el6_3","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.35.1.11.8.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.56.1.11.8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1486.json"},{"CVE":"CVE-2013-1484","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0532","RHSA-2013:0275"],"bugzilla":"913021","bugzilla_description":"CVE-2013-1484 OpenJDK: MethodHandleProxies insufficient privilege checks (Libraries, 8004937)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1484.json"},{"CVE":"CVE-2013-1485","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0532","RHSA-2013:0275"],"bugzilla":"913025","bugzilla_description":"CVE-2013-1485 OpenJDK: MethodHandles insufficient privilege checks (Libraries, 8006439)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1485.json"},{"CVE":"CVE-2013-1487","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0532","RHSA-2013:1456","RHSA-2013:1455","RHSA-2013:0531"],"bugzilla":"913030","bugzilla_description":"CVE-2013-1487 Oracle JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-sun-1:1.6.0.41-1jpp.1.el6_3","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1487.json"},{"CVE":"CVE-2013-0169","severity":"moderate","public_date":"2013-02-04T00:00:00Z","advisories":["RHSA-2013:0274","RHSA-2013:0273","RHSA-2013:0636","RHSA-2013:0823","RHSA-2013:0833","RHSA-2013:0855","RHSA-2013:0822","RHSA-2013:0587","RHSA-2013:0532","RHSA-2013:1456","RHSA-2014:0416","RHSA-2013:0782","RHSA-2013:0275","RHSA-2013:1455","RHSA-2013:0531","RHSA-2013:0783","RHSA-2013:1013"],"bugzilla":"907589","bugzilla_description":"CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["rhev-hypervisor6-0:6.4-20130306.2.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el6_4","openssl-0:1.0.0-27.el6_4.2","openssl-0:0.9.8e-26.el5_9.1","java-1.6.0-openjdk-1:1.6.0.0-1.56.1.11.8.el6_3","spice-client-msi-0:3.3-12","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el6_4","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9","java-1.6.0-sun-1:1.6.0.41-1jpp.1.el5_9","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.35.1.11.8.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json"},{"CVE":"CVE-2013-0440","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"859140","bugzilla_description":"CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0440.json"},{"CVE":"CVE-2013-1475","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0247","RHSA-2012:1485","RHSA-2013:0236","RHSA-2013:0246","RHSA-2012:1465","RHSA-2013:0237","RHSA-2012:1467","RHSA-2012:1466","RHSA-2013:0245"],"bugzilla":"860652","bugzilla_description":"CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1475.json"},{"CVE":"CVE-2013-0424","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906813","bugzilla_description":"CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0424.json"},{"CVE":"CVE-2013-0435","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906892","bugzilla_description":"CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0435.json"},{"CVE":"CVE-2013-1478","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906894","bugzilla_description":"CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1478.json"},{"CVE":"CVE-2013-0442","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906899","bugzilla_description":"CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0442.json"},{"CVE":"CVE-2013-0445","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906900","bugzilla_description":"CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0445.json"},{"CVE":"CVE-2013-1480","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906904","bugzilla_description":"CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1480.json"},{"CVE":"CVE-2013-0450","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"906911","bugzilla_description":"CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0450.json"},{"CVE":"CVE-2012-1541","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906914","bugzilla_description":"CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1541.json"},{"CVE":"CVE-2013-0446","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906916","bugzilla_description":"CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0446.json"},{"CVE":"CVE-2012-3342","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906917","bugzilla_description":"CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3342.json"},{"CVE":"CVE-2013-0419","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906918","bugzilla_description":"CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0419.json"},{"CVE":"CVE-2013-0423","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906921","bugzilla_description":"CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0423.json"},{"CVE":"CVE-2013-0351","severity":"important","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906923","bugzilla_description":"CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0351.json"},{"CVE":"CVE-2013-0430","severity":"low","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0236","RHSA-2013:0237"],"bugzilla":"906930","bugzilla_description":"CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0430.json"},{"CVE":"CVE-2013-0449","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0237"],"bugzilla":"906932","bugzilla_description":"CVE-2013-0449 Oracle JDK: unspecified vulnerability fixed in 7u13 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0449.json"},{"CVE":"CVE-2013-1473","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906933","bugzilla_description":"CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1473.json"},{"CVE":"CVE-2013-0448","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0237"],"bugzilla":"906934","bugzilla_description":"CVE-2013-0448 Oracle JDK: unspecified vulnerability fixed in 7u13 (Libraries)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0448.json"},{"CVE":"CVE-2013-0438","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"906935","bugzilla_description":"CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0438.json"},{"CVE":"CVE-2013-1479","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0237"],"bugzilla":"907190","bugzilla_description":"CVE-2013-1479 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JavaFX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1479.json"},{"CVE":"CVE-2013-0428","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907207","bugzilla_description":"CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0428.json"},{"CVE":"CVE-2013-0444","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0237"],"bugzilla":"907218","bugzilla_description":"CVE-2013-0444 OpenJDK: MethodFinder insufficient checks for cached results (Beans, 7200493)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0444.json"},{"CVE":"CVE-2013-0432","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907219","bugzilla_description":"CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0432.json"},{"CVE":"CVE-2013-0437","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0237"],"bugzilla":"907222","bugzilla_description":"CVE-2013-0437 Oracle JDK: unspecified vulnerability fixed in 7u13 (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0437.json"},{"CVE":"CVE-2012-3213","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"907223","bugzilla_description":"CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3213.json"},{"CVE":"CVE-2013-1481","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:1455"],"bugzilla":"907224","bugzilla_description":"CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1481.json"},{"CVE":"CVE-2013-0409","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0236","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455"],"bugzilla":"907226","bugzilla_description":"CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0409.json"},{"CVE":"CVE-2013-0443","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907340","bugzilla_description":"CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0443.json"},{"CVE":"CVE-2013-0425","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907344","bugzilla_description":"CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0425.json"},{"CVE":"CVE-2013-0426","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907346","bugzilla_description":"CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0426.json"},{"CVE":"CVE-2013-0434","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907453","bugzilla_description":"CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0434.json"},{"CVE":"CVE-2013-0427","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907455","bugzilla_description":"CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0427.json"},{"CVE":"CVE-2013-0433","severity":"moderate","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907456","bugzilla_description":"CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0433.json"},{"CVE":"CVE-2013-1476","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0624","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907457","bugzilla_description":"CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1476.json"},{"CVE":"CVE-2013-0441","severity":"critical","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0625","RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:1456","RHSA-2013:0237","RHSA-2013:1455","RHSA-2013:0245"],"bugzilla":"907458","bugzilla_description":"CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0441.json"},{"CVE":"CVE-2013-0429","severity":"important","public_date":"2013-02-01T00:00:00Z","advisories":["RHSA-2013:0247","RHSA-2013:0236","RHSA-2013:0246","RHSA-2013:0237","RHSA-2013:0245"],"bugzilla":"907460","bugzilla_description":"CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3","java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0429.json"},{"CVE":"CVE-2013-0431","severity":"moderate","public_date":"2013-01-27T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0247","RHSA-2013:0237"],"bugzilla":"906447","bugzilla_description":"CVE-2013-0431 OpenJDK: JMX Introspector missing package access check (JMX, 8000539, SE-2012-01 Issue 52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3","java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0431.json"},{"CVE":"CVE-2013-1489","severity":"low","public_date":"2013-01-27T00:00:00Z","advisories":["RHSA-2013:0237"],"bugzilla":"906449","bugzilla_description":"CVE-2013-1489 Oracle JDK 7: bypass of the security level setting in browser plugin (Deployment, SE-2012-01 Issue 53)","cvss_score":null,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1489.json"},{"CVE":"CVE-2013-1490","severity":null,"public_date":"2013-01-27T00:00:00Z","advisories":[],"bugzilla":"906450","bugzilla_description":"CVE-2013-1490 JDK: complete Java security sandbox bypass (Issue 51)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1490.json"},{"CVE":"CVE-2012-3174","severity":"critical","public_date":"2013-01-13T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0165","RHSA-2013:0156"],"bugzilla":"894934","bugzilla_description":"CVE-2012-3174 OpenJDK: MethodHandles incorrect permission checks (Libraries, 8004933)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.11-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.4.el5_9.1","java-1.7.0-openjdk-1:1.7.0.9-2.3.4.1.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3174.json"},{"CVE":"CVE-2013-0422","severity":"critical","public_date":"2013-01-10T00:00:00Z","advisories":["RHSA-2013:0626","RHSA-2013:0165","RHSA-2013:0156"],"bugzilla":"894172","bugzilla_description":"CVE-2013-0422 OpenJDK: MethodHandles.Lookup incorrect permission checks, Java 7 0day (Libraries, 8006017)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.11-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.4.el5_9.1","java-1.7.0-openjdk-1:1.7.0.9-2.3.4.1.el6_3","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0422.json"},{"CVE":"CVE-2012-3216","severity":"low","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1485","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865346","bugzilla_description":"CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3216.json"},{"CVE":"CVE-2012-5068","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865348","bugzilla_description":"CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5068.json"},{"CVE":"CVE-2012-5070","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1386","RHSA-2012:1467"],"bugzilla":"865350","bugzilla_description":"CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5070.json"},{"CVE":"CVE-2012-5076","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1386","RHSA-2012:1467"],"bugzilla":"865352","bugzilla_description":"CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5076.json"},{"CVE":"CVE-2012-5077","severity":"low","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2012:1467"],"bugzilla":"865354","bugzilla_description":"CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5077.json"},{"CVE":"CVE-2012-5073","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1485","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865357","bugzilla_description":"CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5073.json"},{"CVE":"CVE-2012-5074","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1386","RHSA-2012:1467"],"bugzilla":"865359","bugzilla_description":"CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5074.json"},{"CVE":"CVE-2012-5075","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865363","bugzilla_description":"CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5075.json"},{"CVE":"CVE-2012-5072","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865365","bugzilla_description":"CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5072.json"},{"CVE":"CVE-2012-5081","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1485","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865370","bugzilla_description":"CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5081.json"},{"CVE":"CVE-2012-5086","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2012:1467"],"bugzilla":"865428","bugzilla_description":"CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5086.json"},{"CVE":"CVE-2012-5087","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1386","RHSA-2012:1467"],"bugzilla":"865434","bugzilla_description":"CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5087.json"},{"CVE":"CVE-2012-5088","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1386","RHSA-2012:1467"],"bugzilla":"865471","bugzilla_description":"CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5088.json"},{"CVE":"CVE-2012-5084","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1485","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865511","bugzilla_description":"CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5084.json"},{"CVE":"CVE-2012-5089","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865514","bugzilla_description":"CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5089.json"},{"CVE":"CVE-2012-5071","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865519","bugzilla_description":"CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5071.json"},{"CVE":"CVE-2012-5069","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865531","bugzilla_description":"CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5069.json"},{"CVE":"CVE-2012-5085","severity":"low","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2013:0625","RHSA-2012:1392","RHSA-2013:0624","RHSA-2012:1384","RHSA-2013:0626","RHSA-2012:1386","RHSA-2012:1385"],"bugzilla":"865541","bugzilla_description":"CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)","cvss_score":null,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4","java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5085.json"},{"CVE":"CVE-2012-5079","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1485","RHSA-2012:1385","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"865568","bugzilla_description":"CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5079.json"},{"CVE":"CVE-2012-1531","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1485","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867185","bugzilla_description":"CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1531.json"},{"CVE":"CVE-2012-1532","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2013:1456","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867186","bugzilla_description":"CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1532.json"},{"CVE":"CVE-2012-1533","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2013:1456","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867187","bugzilla_description":"CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1533.json"},{"CVE":"CVE-2012-3143","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867189","bugzilla_description":"CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3143.json"},{"CVE":"CVE-2012-3159","severity":"important","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2013:1456","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867190","bugzilla_description":"CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3159.json"},{"CVE":"CVE-2012-5067","severity":"moderate","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1467"],"bugzilla":"867192","bugzilla_description":"CVE-2012-5067 Oracle JDK: unspecified vulnerability (Deployment)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5067.json"},{"CVE":"CVE-2012-5083","severity":"critical","public_date":"2012-10-16T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1485","RHSA-2013:1456","RHSA-2012:1465","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"867193","bugzilla_description":"CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8","java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5083.json"},{"CVE":"CVE-2012-4416","severity":"low","public_date":"2012-09-07T00:00:00Z","advisories":["RHSA-2012:1391","RHSA-2012:1392","RHSA-2012:1384","RHSA-2012:1386","RHSA-2012:1385"],"bugzilla":"856124","bugzilla_description":"CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["java-1.7.0-openjdk-1:1.7.0.9-2.3.3.el6_3.1","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.10.el5_8","java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.50.1.11.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4416.json"},{"CVE":"CVE-2012-4420","severity":null,"public_date":"2012-09-07T00:00:00Z","advisories":[],"bugzilla":"856588","bugzilla_description":"CVE-2012-4420 java-1.7.0-openjdk: JVM heap memory disclosure","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4420.json"},{"CVE":"CVE-2012-1682","severity":"critical","public_date":"2012-08-30T00:00:00Z","advisories":["RHSA-2012:1221","RHSA-2012:1223","RHSA-2013:1456","RHSA-2012:1289","RHSA-2012:1222","RHSA-2012:1225","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"853097","bugzilla_description":"CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-1.49.1.11.4.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.9.el5_8","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3","java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1682.json"},{"CVE":"CVE-2012-3136","severity":"critical","public_date":"2012-08-30T00:00:00Z","advisories":["RHSA-2012:1223","RHSA-2012:1289","RHSA-2012:1225"],"bugzilla":"853138","bugzilla_description":"CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3","java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3136.json"},{"CVE":"CVE-2012-0547","severity":"low","public_date":"2012-08-30T00:00:00Z","advisories":["RHSA-2012:1392","RHSA-2012:1221","RHSA-2012:1223","RHSA-2013:1456","RHSA-2012:1289","RHSA-2012:1222","RHSA-2012:1225","RHSA-2013:1455","RHSA-2012:1466"],"bugzilla":"853228","bugzilla_description":"CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)","cvss_score":null,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:N","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-1.49.1.11.4.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.28.1.10.9.el5_8","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3","java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3","java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0547.json"},{"CVE":"CVE-2012-4681","severity":"critical","public_date":"2012-08-27T00:00:00Z","advisories":["RHSA-2012:1223","RHSA-2012:1289","RHSA-2012:1225"],"bugzilla":"852051","bugzilla_description":"CVE-2012-4681 OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3","java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4681.json"},{"CVE":"CVE-2012-1711","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:0730"],"bugzilla":"829354","bugzilla_description":"CVE-2012-1711 OpenJDK: improper protection of CORBA data models (CORBA, 7079902)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1711.json"},{"CVE":"CVE-2012-1717","severity":"low","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:1243","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1289","RHSA-2012:1332","RHSA-2012:0730","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829358","bugzilla_description":"CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.4.2-ibm-sap-0:1.4.2.13.13.sap-1jpp.2.el5","java-1.4.2-ibm-0:1.4.2.13.13-1jpp.1.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1717.json"},{"CVE":"CVE-2012-1716","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1289","RHSA-2012:0730","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829360","bugzilla_description":"CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1716.json"},{"CVE":"CVE-2012-1713","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:1243","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1289","RHSA-2012:1332","RHSA-2012:0730","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829361","bugzilla_description":"CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.4.2-ibm-sap-0:1.4.2.13.13.sap-1jpp.2.el5","java-1.4.2-ibm-0:1.4.2.13.13-1jpp.1.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1713.json"},{"CVE":"CVE-2012-1719","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:1243","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1289","RHSA-2012:1332","RHSA-2012:0730","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829371","bugzilla_description":"CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.4.2-ibm-sap-0:1.4.2.13.13.sap-1jpp.2.el5","java-1.4.2-ibm-0:1.4.2.13.13-1jpp.1.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1719.json"},{"CVE":"CVE-2012-1718","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:1243","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1332","RHSA-2012:0730","RHSA-2012:1467","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829372","bugzilla_description":"CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.4.2-ibm-sap-0:1.4.2.13.13.sap-1jpp.2.el5","java-1.4.2-ibm-0:1.4.2.13.13-1jpp.1.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1718.json"},{"CVE":"CVE-2012-1723","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:0730"],"bugzilla":"829373","bugzilla_description":"CVE-2012-1723 OpenJDK: insufficient field accessibility checks (HotSpot, 7152811)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1723.json"},{"CVE":"CVE-2012-1724","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2012:0730"],"bugzilla":"829374","bugzilla_description":"CVE-2012-1724 OpenJDK: XML parsing infinite loop (JAXP, 7157609)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1724.json"},{"CVE":"CVE-2012-1725","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:0734","RHSA-2012:1019","RHSA-2012:0729","RHSA-2013:1456","RHSA-2012:1245","RHSA-2012:1289","RHSA-2012:0730","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"829376","bugzilla_description":"CVE-2012-1725 OpenJDK: insufficient invokespecial verification (HotSpot, 7160757)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.5.0-ibm-1:1.5.0.14.0-1jpp.1.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.48.1.11.3.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-openjdk-1:1.6.0.0-1.27.1.10.8.el5_8","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1725.json"},{"CVE":"CVE-2012-1726","severity":"important","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:1009","RHSA-2012:1019","RHSA-2012:1289"],"bugzilla":"829377","bugzilla_description":"CVE-2012-1726 OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1726.json"},{"CVE":"CVE-2012-1721","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:0734","RHSA-2012:1019","RHSA-2013:1456","RHSA-2012:1289","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"831353","bugzilla_description":"CVE-2012-1721 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1721.json"},{"CVE":"CVE-2012-1722","severity":"critical","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:0734","RHSA-2012:1019","RHSA-2013:1456","RHSA-2012:1289","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"831354","bugzilla_description":"CVE-2012-1722 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1722.json"},{"CVE":"CVE-2012-0551","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:0734","RHSA-2012:1019","RHSA-2013:1456","RHSA-2012:1289","RHSA-2013:1455","RHSA-2012:1238"],"bugzilla":"831355","bugzilla_description":"CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.33-1jpp.1.el6_2","java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6","java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3","java-1.6.0-ibm-1:1.6.0.11.0-1jpp.1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0551.json"},{"CVE":"CVE-2015-0480","severity":"low","public_date":"2005-01-04T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"1211504","bugzilla_description":"CVE-2015-0480 OpenJDK: jar directory traversal issues (Tools, 8064601)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-22","affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0480.json"},{"CVE":"CVE-2005-1080","severity":"low","public_date":"2005-01-04T00:00:00Z","advisories":["RHSA-2015:0854","RHSA-2015:1091","RHSA-2015:1007","RHSA-2015:1006","RHSA-2015:0809","RHSA-2015:0808","RHSA-2015:0807","RHSA-2015:0806","RHSA-2015:1021","RHSA-2015:1020","RHSA-2015:0858","RHSA-2015:0857"],"bugzilla":"606442","bugzilla_description":"CVE-2005-1080 jar: directory traversal vulnerability","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-22","affected_packages":["java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1","java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6","java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11","java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1","java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6","java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11","java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11","java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6","java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6","java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1080.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acpid_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acpid_security_api_results.json new file mode 100644 index 0000000..1a640cb --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/acpid_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-4578","severity":"low","public_date":"2011-07-30T00:00:00Z","advisories":[],"bugzilla":"760984","bugzilla_description":"CVE-2011-4578 acpid: Unsafe umask for actions executed by acpid","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4578.json"},{"CVE":"CVE-2011-1159","severity":"low","public_date":"2011-01-19T00:00:00Z","advisories":[],"bugzilla":"688698","bugzilla_description":"CVE-2011-1159 acpid: blocked writes can lead to acpid daemon hang","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1159.json"},{"CVE":"CVE-2009-4033","severity":"important","public_date":"2009-12-07T00:00:00Z","advisories":["RHSA-2009:1642"],"bugzilla":"542926","bugzilla_description":"CVE-2009-4033 acpid: log file created with random permissions","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["acpid-0:1.0.4-9.el5_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4033.json"},{"CVE":"CVE-2009-0798","severity":"moderate","public_date":"2009-04-21T00:00:00Z","advisories":["RHSA-2009:0474"],"bugzilla":"494443","bugzilla_description":"CVE-2009-0798 acpid: too many open files DoS","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/AU:N/C:N/I:N/A:P","CWE":null,"affected_packages":["acpid-0:1.0.1-3","acpid-0:1.0.2-4","acpid-0:1.0.4-7.el5_3.1","acpid-0:1.0.3-2.el4_7.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0798.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adcli_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adcli_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adcli_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap-deprecated_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap-deprecated_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap-deprecated_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-cmap_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-pdf_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-pdf_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adobe-mappings-pdf_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-cursor-theme_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-cursor-theme_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-cursor-theme_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-gtk2-theme_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-gtk2-theme_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-gtk2-theme_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-icon-theme_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-icon-theme_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-icon-theme_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt4_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt4_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt4_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt5_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt5_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt5_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/adwaita-qt_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/agg_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/agg_security_api_results.json new file mode 100644 index 0000000..c361aa6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/agg_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-5378","severity":"moderate","public_date":"2018-02-15T00:00:00Z","advisories":[],"bugzilla":"1542972","bugzilla_description":"CVE-2018-5378 quagga: bgpd does not properly bounds check the data sent with a NOTIFY allowing leak of sensitive data or crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5378.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5379","severity":"important","public_date":"2018-02-15T00:00:00Z","advisories":["RHSA-2018:0377"],"bugzilla":"1542985","bugzilla_description":"CVE-2018-5379 quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["quagga-0:0.99.22.4-5.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5379.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2018-5380","severity":"low","public_date":"2018-02-15T00:00:00Z","advisories":[],"bugzilla":"1542990","bugzilla_description":"CVE-2018-5380 quagga: bgpd can overrun internal BGP code-to-string conversion tables potentially allowing crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5380.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-5381","severity":"moderate","public_date":"2018-02-15T00:00:00Z","advisories":[],"bugzilla":"1542992","bugzilla_description":"CVE-2018-5381 quagga: Infinite loop issue triggered by invalid OPEN message allows denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-228->CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5381.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-16227","severity":"moderate","public_date":"2017-10-02T00:00:00Z","advisories":[],"bugzilla":"1509291","bugzilla_description":"CVE-2017-16227 quagga: Incorrect AS_PATH size calculation for long paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16227.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-3224","severity":"moderate","public_date":"2017-07-27T00:00:00Z","advisories":[],"bugzilla":"1472873","bugzilla_description":"CVE-2017-3224 quagga: OSPF implementation improperly determines LSA recency (VU#793496)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-354","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3224.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-5495","severity":"moderate","public_date":"2017-01-23T00:00:00Z","advisories":["RHSA-2017:0794"],"bugzilla":"1416013","bugzilla_description":"CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["quagga-0:0.99.15-14.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5495.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-1245","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":["RHSA-2017:0794"],"bugzilla":"1386109","bugzilla_description":"CVE-2016-1245 quagga: Buffer Overflow in IPv6 RA handling","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":["quagga-0:0.99.15-14.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1245.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-5682","severity":"moderate","public_date":"2016-09-02T00:00:00Z","advisories":[],"bugzilla":"1443546","bugzilla_description":"CVE-2016-5682 hawtio-swagger-ui: XSS vulnerability in Definitions section","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5682.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2016-4036","severity":"low","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1370416","bugzilla_description":"CVE-2016-4036 quagga: Wrong permissions allowing information leak","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4036.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-4049","severity":"moderate","public_date":"2016-04-27T00:00:00Z","advisories":["RHSA-2017:0794"],"bugzilla":"1331372","bugzilla_description":"CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.99.15-14.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4049.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-2342","severity":"moderate","public_date":"2016-03-09T00:00:00Z","advisories":["RHSA-2017:0794"],"bugzilla":"1316571","bugzilla_description":"CVE-2016-2342 quagga: VPNv4 NLRI parser memcpys to stack on unchecked length","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":["quagga-0:0.99.15-14.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2342.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2013-6051","severity":"moderate","public_date":"2013-11-25T00:00:00Z","advisories":[],"bugzilla":"1043370","bugzilla_description":"CVE-2013-6051 quagga: bgp crash when receiving bgp updates","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6051.json"},{"CVE":"CVE-2013-0149","severity":"moderate","public_date":"2013-08-01T00:00:00Z","advisories":[],"bugzilla":"991457","bugzilla_description":"CVE-2013-0149 quagga (ospfd): Possibility to use invalid / duplicate LSA information (VU#229804)","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0149.json"},{"CVE":"CVE-2013-2236","severity":"low","public_date":"2013-07-02T00:00:00Z","advisories":["RHSA-2017:0794"],"bugzilla":"981124","bugzilla_description":"CVE-2013-2236 Quagga: OSPFD Potential remote code exec (stack based buffer overflow)","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":["quagga-0:0.99.15-14.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2236.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2012-5521","severity":"low","public_date":"2012-11-13T00:00:00Z","advisories":[],"bugzilla":"876197","bugzilla_description":"CVE-2012-5521 quagga (ospf6d): Assertion failure when removing routes (retrieving information which route to remove)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5521.json"},{"CVE":"CVE-2012-1820","severity":"low","public_date":"2012-06-03T00:00:00Z","advisories":["RHSA-2012:1259"],"bugzilla":"817580","bugzilla_description":"CVE-2012-1820 quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1820.json"},{"CVE":"CVE-2012-0255","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:1259"],"bugzilla":"802781","bugzilla_description":"CVE-2012-0255 quagga (bgpd): Assertion failure by processing malformed AS4 capability in BGP OPEN message","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0255.json"},{"CVE":"CVE-2012-0249","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"802827","bugzilla_description":"CVE-2012-0249 quagga (ospfd): Assertion failure due improper length check for a received LS-Update OSPF packet","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0249.json"},{"CVE":"CVE-2012-0250","severity":"low","public_date":"2012-03-28T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"802829","bugzilla_description":"CVE-2012-0250 quagga (ospfd): Crash by processing LS-Update OSPF packet due improper length check of the Network-LSA structures","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0250.json"},{"CVE":"CVE-2011-3323","severity":"low","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"738393","bugzilla_description":"CVE-2011-3323 Quagga (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3323.json"},{"CVE":"CVE-2011-3324","severity":"low","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"738394","bugzilla_description":"CVE-2011-3324 Quagga (ospf6d): Denial of service by decoding malformed Database Description packet headers","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3324.json"},{"CVE":"CVE-2011-3325","severity":"low","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"738396","bugzilla_description":"CVE-2011-3325 Quagga (ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3325.json"},{"CVE":"CVE-2011-3326","severity":"low","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"738398","bugzilla_description":"CVE-2011-3326 Quagga (ospfd): Denial of service by decoding Link State Update LSAs of unknown type","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3326.json"},{"CVE":"CVE-2011-3327","severity":"moderate","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:1258","RHSA-2012:1259"],"bugzilla":"738400","bugzilla_description":"CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-7.el6_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3327.json"},{"CVE":"CVE-2010-1674","severity":"low","public_date":"2011-03-21T00:00:00Z","advisories":["RHSA-2011:0406","RHSA-2012:1258"],"bugzilla":"654603","bugzilla_description":"CVE-2010-1674 quagga: DoS (crash) by processing malformed extended community attribute in a route","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.6-7.el5_8.1","quagga-0:0.99.15-5.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1674.json"},{"CVE":"CVE-2010-1675","severity":"moderate","public_date":"2011-03-21T00:00:00Z","advisories":["RHSA-2011:0406"],"bugzilla":"654614","bugzilla_description":"CVE-2010-1675 quagga: BGP session reset by processing BGP Update message with malformed AS-path attributes","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.99.15-5.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1675.json"},{"CVE":"CVE-2010-2948","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2010:0945","RHSA-2010:0785"],"bugzilla":"626783","bugzilla_description":"CVE-2010-2948 Quagga (bgpd): Stack buffer overflow by processing certain Route-Refresh messages","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["quagga-0:0.98.3-4.el4_8.1","quagga-0:0.98.6-5.el5_5.2","quagga-0:0.99.15-5.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2948.json"},{"CVE":"CVE-2010-2949","severity":"low","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2010:0945"],"bugzilla":"626795","bugzilla_description":"CVE-2010-2949 Quagga (bgpd): DoS (crash) while processing certain BGP update AS path messages","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.99.15-5.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2949.json"},{"CVE":"CVE-2007-4826","severity":"low","public_date":"2007-09-07T00:00:00Z","advisories":["RHSA-2010:0785"],"bugzilla":"285691","bugzilla_description":"CVE-2007-4826 quagga bgpd DoS","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["quagga-0:0.98.3-4.el4_8.1","quagga-0:0.98.6-5.el5_5.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4826.json"},{"CVE":"CVE-2007-1995","severity":"moderate","public_date":"2007-04-08T00:00:00Z","advisories":["RHSA-2007:0389"],"bugzilla":"240478","bugzilla_description":"CVE-2007-1995 Quagga bgpd DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["quagga-0:0.96.2-12.3E","quagga-0:0.98.6-2.1.0.1.el5","quagga-0:0.98.3-2.4.0.1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1995.json"},{"CVE":"CVE-2006-2223","severity":"moderate","public_date":"2006-05-03T00:00:00Z","advisories":["RHSA-2006:0525","RHSA-2006:0533"],"bugzilla":"1618091","bugzilla_description":"CVE-2006-2223 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["quagga-0:0.98.3-2.4E","quagga-0:0.96.2-11.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2223.json"},{"CVE":"CVE-2006-2224","severity":"moderate","public_date":"2006-05-03T00:00:00Z","advisories":["RHSA-2006:0525","RHSA-2006:0533"],"bugzilla":"1618092","bugzilla_description":"CVE-2006-2224 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["quagga-0:0.98.3-2.4E","quagga-0:0.96.2-11.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2224.json"},{"CVE":"CVE-2006-2276","severity":"moderate","public_date":"2006-03-29T00:00:00Z","advisories":["RHSA-2006:0525","RHSA-2006:0533"],"bugzilla":"1618099","bugzilla_description":"CVE-2006-2276 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["quagga-0:0.98.3-2.4E","quagga-0:0.96.2-11.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2276.json"},{"CVE":"CVE-2003-0858","severity":"low","public_date":"2003-11-12T00:00:00Z","advisories":["RHSA-2003:307","RHSA-2003:315","RHSA-2003:305"],"bugzilla":"1617096","bugzilla_description":"CVE-2003-0858 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["quagga-0:0.96.2-8.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0858.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aic94xx-firmware_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aic94xx-firmware_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aic94xx-firmware_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aide_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aide_security_api_results.json new file mode 100644 index 0000000..2cebac6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/aide_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2007-3849","severity":"moderate","public_date":"2007-09-04T00:00:00Z","advisories":["RHSA-2007:0539"],"bugzilla":"236923","bugzilla_description":"CVE-2007-3849 Rebase aide to 0.13.1","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["aide-0:0.13.1-2.0.4.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3849.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi-mysql_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi-mysql_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi-mysql_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/akonadi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alacarte_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alacarte_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alacarte_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-firmware_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-firmware_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-firmware_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib_security_api_results.json new file mode 100644 index 0000000..ffa1290 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-lib_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2005-0087","severity":"moderate","public_date":"2005-02-15T00:00:00Z","advisories":["RHSA-2005:033"],"bugzilla":"1617449","bugzilla_description":"CVE-2005-0087 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["alsa-lib-0:1.0.6-5.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0087.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-plugins-pulseaudio_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-plugins-pulseaudio_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-plugins-pulseaudio_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-tools-firmware_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-tools-firmware_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-tools-firmware_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/alsa-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-client_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-client_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-client_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda_security_api_results.json new file mode 100644 index 0000000..4c57020 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/amanda_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-10730","severity":"low","public_date":"2016-01-15T00:00:00Z","advisories":[],"bugzilla":"1647090","bugzilla_description":"CVE-2016-10730 amanda: Privilege escalation in amstar and amgtar via --*tar-path option","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-648","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10730.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2016-10729","severity":"low","public_date":"2016-01-11T00:00:00Z","advisories":[],"bugzilla":"1647084","bugzilla_description":"CVE-2016-10729 amanda: Privilege escalation in runtar via --rsh-command option","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10729.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.2"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-core_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-core_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-core_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-gui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-gui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-gui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-tui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-tui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-tui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-user-help_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-user-help_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-user-help_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-widgets_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-widgets_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda-widgets_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda_security_api_results.json new file mode 100644 index 0000000..de41c58 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/anaconda_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-2314","severity":"low","public_date":"2012-05-04T00:00:00Z","advisories":[],"bugzilla":"819031","bugzilla_description":"CVE-2012-2314 anaconda: Weak permissions by writing password configuration file in bootloader configuration module","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2314.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ant_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ant_security_api_results.json new file mode 100644 index 0000000..f717911 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ant_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15250","severity":"low","public_date":"2020-10-12T00:00:00Z","advisories":[],"bugzilla":"1887810","bugzilla_description":"CVE-2020-15250 junit4: TemporaryFolder is shared between all users across system which could result in information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15250.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.2"},{"CVE":"CVE-2020-12695","severity":"moderate","public_date":"2020-06-08T00:00:00Z","advisories":[],"bugzilla":"1846006","bugzilla_description":"CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->(CWE-400|CWE-918)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12695.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-1945","severity":"moderate","public_date":"2020-05-13T00:00:00Z","advisories":["RHSA-2020:2618"],"bugzilla":"1837444","bugzilla_description":"CVE-2020-1945 ant: insecure temporary file vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1945.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.7"},{"CVE":"CVE-2019-10064","severity":"moderate","public_date":"2020-02-27T00:00:00Z","advisories":[],"bugzilla":"1811069","bugzilla_description":"CVE-2019-10064 hostapd: Not preventig the use of low quality PRNG in EAP mode leads to insufficient entropy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10064.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-16275","severity":"moderate","public_date":"2019-09-11T00:00:00Z","advisories":[],"bugzilla":"1767023","bugzilla_description":"CVE-2019-16275 wpa_supplicant: AP mode PMF disconnection protection bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16275.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-15133","severity":"low","public_date":"2019-08-17T00:00:00Z","advisories":[],"bugzilla":"1771309","bugzilla_description":"CVE-2019-15133 giflib: divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15133.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2019-13377","severity":"moderate","public_date":"2019-08-03T00:00:00Z","advisories":[],"bugzilla":"1737665","bugzilla_description":"CVE-2019-13377 wpa_supplicant: Timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13377.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-11555","severity":"moderate","public_date":"2019-04-18T00:00:00Z","advisories":[],"bugzilla":"1703417","bugzilla_description":"CVE-2019-11555 wpa_supplicant: NULL pointer dereference due to improper fragmentation reassembly state validation in EAP-pwd implementation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11555.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2019-9494","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699141","bugzilla_description":"CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9494.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9495","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699149","bugzilla_description":"CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9495.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9496","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699153","bugzilla_description":"CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-642","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9496.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9497","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699164","bugzilla_description":"CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9497.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-9498","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699168","bugzilla_description":"CVE-2019-9498 wpa_supplicant: EAP-pwd server missing commit validation for scalar/element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9498.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2019-9499","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699170","bugzilla_description":"CVE-2019-9499 wpa_supplicant: EAP-pwd peer missing commit validation for scalar/element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9499.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2018-14526","severity":"moderate","public_date":"2018-08-08T00:00:00Z","advisories":["RHSA-2018:3107"],"bugzilla":"1614520","bugzilla_description":"CVE-2018-14526 wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["wpa_supplicant-1:2.6-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14526.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2018-11489","severity":"low","public_date":"2018-05-23T00:00:00Z","advisories":[],"bugzilla":"1583399","bugzilla_description":"CVE-2018-11489 giflib: heap-based buffer overflow in DGifDecompressLine function in dgif_lib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11489.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-11490","severity":"low","public_date":"2018-05-23T00:00:00Z","advisories":[],"bugzilla":"1583400","bugzilla_description":"CVE-2018-11490 giflib: heap-based buffer overflow in DGifDecompressLine function in dgif_lib.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11490.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13077","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491692","bugzilla_description":"CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13077.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13078","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491693","bugzilla_description":"CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13078.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13079","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1491694","bugzilla_description":"CVE-2017-13079 wpa_supplicant: Reinstallation of the integrity group key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13079.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13080","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491696","bugzilla_description":"CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13080.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13081","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1491697","bugzilla_description":"CVE-2017-13081 wpa_supplicant: Reinstallation of the integrity group key in the group key handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13081.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13082","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1491698","bugzilla_description":"CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13082.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13084","severity":"low","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1500301","bugzilla_description":"CVE-2017-13084 wpa_supplicant: reinstallation of the STK key in the PeerKey handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13084.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13086","severity":"low","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1500302","bugzilla_description":"CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13086.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13087","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1500303","bugzilla_description":"CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13087.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13088","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1500304","bugzilla_description":"CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13088.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2016-4476","severity":"low","public_date":"2016-05-02T00:00:00Z","advisories":[],"bugzilla":"1332422","bugzilla_description":"CVE-2016-4476 wpa_supplicant, hostapd: denial of service via crafted WPA/WPA2 passphrase parameter","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4476.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-4477","severity":"moderate","public_date":"2016-05-02T00:00:00Z","advisories":[],"bugzilla":"1332423","bugzilla_description":"CVE-2016-4477 wpa_supplicant: local configuration update allows privilege escalation","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4477.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-3977","severity":"low","public_date":"2016-04-04T00:00:00Z","advisories":[],"bugzilla":"1325771","bugzilla_description":"CVE-2016-3977 giflib: heap buffer overflow in gif2rgb","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3977.json"},{"CVE":"CVE-2016-3177","severity":"low","public_date":"2016-03-15T00:00:00Z","advisories":[],"bugzilla":"1314438","bugzilla_description":"CVE-2016-3177 giflib: Use-after-free in gifcolor utility","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3177.json"},{"CVE":"CVE-2016-10743","severity":"moderate","public_date":"2016-02-19T00:00:00Z","advisories":[],"bugzilla":"1811037","bugzilla_description":"CVE-2016-10743 hostapd: Not preventig the use of low quality PRNG leads to insufficient entropy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2015-7555","severity":"moderate","public_date":"2015-12-21T00:00:00Z","advisories":[],"bugzilla":"1290785","bugzilla_description":"CVE-2015-7555 giflib: Heap-based buffer overflow in giffix utility","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7555.json"},{"CVE":"CVE-2015-5310","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1277857","bugzilla_description":"CVE-2015-5310 wpa_supplicant: unauthorized WNM Sleep Mode GTK control","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5310.json"},{"CVE":"CVE-2015-5316","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1277865","bugzilla_description":"CVE-2015-5316 wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5316.json"},{"CVE":"CVE-2015-5315","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1278377","bugzilla_description":"CVE-2015-5315 wpa_supplicant: EAP-pwd missing last fragment length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5315.json"},{"CVE":"CVE-2015-8041","severity":"low","public_date":"2015-07-08T00:00:00Z","advisories":[],"bugzilla":"1241905","bugzilla_description":"CVE-2015-8041 hostapd and wpa_supplicant: Incomplete WPS and P2P NFC NDEF record payload length validation","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-190->(CWE-125|CWE-835)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8041.json"},{"CVE":"CVE-2015-4143","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4143.json"},{"CVE":"CVE-2015-4144","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4144.json"},{"CVE":"CVE-2015-4145","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4145.json"},{"CVE":"CVE-2015-4146","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4146.json"},{"CVE":"CVE-2015-4141","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1221172","bugzilla_description":"CVE-2015-4141 wpa_supplicant and hostapd: WPS UPnP vulnerability with HTTP chunked transfer encoding","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4141.json"},{"CVE":"CVE-2015-4142","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":["RHSA-2015:1439","RHSA-2015:1090"],"bugzilla":"1221178","bugzilla_description":"CVE-2015-4142 wpa_supplicant and hostapd: integer underflow in AP mode WMM Action frame processing","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["wpa_supplicant-1:0.7.3-6.el6","wpa_supplicant-1:2.0-17.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4142.json"},{"CVE":"CVE-2015-1863","severity":"important","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1090"],"bugzilla":"1211191","bugzilla_description":"CVE-2015-1863 wpa_supplicant: P2P SSID processing vulnerability","cvss_score":6.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-20->CWE-122","affected_packages":["wpa_supplicant-1:2.0-17.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1863.json"},{"CVE":"CVE-2015-0210","severity":null,"public_date":"2015-01-28T00:00:00Z","advisories":[],"bugzilla":"1178921","bugzilla_description":"CVE-2015-0210 wpa_supplicant: broken certificate subject check","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0210.json"},{"CVE":"CVE-2014-3686","severity":"moderate","public_date":"2014-10-10T00:00:00Z","advisories":["RHSA-2014:1956"],"bugzilla":"1151259","bugzilla_description":"CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and hostapd_cli remote command execution issue","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-78","affected_packages":["wpa_supplicant-1:2.0-13.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3686.json"},{"CVE":"CVE-2013-6433","severity":"low","public_date":"2014-05-29T00:00:00Z","advisories":["RHSA-2014:0516"],"bugzilla":"1039812","bugzilla_description":"CVE-2013-6433 openstack-quantum/openstack-neutron: rootwrap sudo config allows potential privilege escalation","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["openstack-neutron-0:2013.2.3-7.el6ost"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6433.json"},{"CVE":"CVE-2014-4615","severity":"important","public_date":"2014-05-20T00:00:00Z","advisories":["RHSA-2014:1050"],"bugzilla":"1112945","bugzilla_description":"CVE-2014-4615 pycadf: token leak to message queue","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-201","affected_packages":["openstack-ceilometer-0:2013.2.3-2.el6ost"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4615.json"},{"CVE":"CVE-2014-0056","severity":"moderate","public_date":"2014-03-28T00:00:00Z","advisories":["RHSA-2014:0516"],"bugzilla":"1063141","bugzilla_description":"CVE-2014-0056 openstack-neutron: insufficient authorization checks when creating ports","cvss_score":4.1,"cvss_scoring_vector":"AV:A/AC:L/Au:S/C:P/I:P/A:N","CWE":"CWE-285","affected_packages":["openstack-neutron-0:2013.2.3-7.el6ost"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0056.json"},{"CVE":"CVE-2013-4509","severity":"low","public_date":"2013-10-25T00:00:00Z","advisories":[],"bugzilla":"1027028","bugzilla_description":"CVE-2013-4509 ibus: visible password entry flaw","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4509.json"},{"CVE":"CVE-2012-5476","severity":"low","public_date":"2012-11-13T00:00:00Z","advisories":[],"bugzilla":"873524","bugzilla_description":"CVE-2012-5476 OpenStack: Quantum /etc/quantum/quantum.conf secret password and token exposure","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5476.json"},{"CVE":"CVE-2012-4445","severity":"moderate","public_date":"2012-10-08T00:00:00Z","advisories":[],"bugzilla":"859918","bugzilla_description":"CVE-2012-4445 hostapd, wpa_supplicant: DoS (abort) by processing certain fragmented EAP-TLS messages","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4445.json"},{"CVE":"CVE-2012-2098","severity":"low","public_date":"2012-05-23T00:00:00Z","advisories":[],"bugzilla":"810406","bugzilla_description":"CVE-2012-2098 apache-commons-compress: denial of service flaw when compressing certain files","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2098.json"},{"CVE":"CVE-2012-1096","severity":"low","public_date":"2012-02-29T00:00:00Z","advisories":[],"bugzilla":"769807","bugzilla_description":"CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1096.json"},{"CVE":"CVE-2008-2383","severity":"important","public_date":"2008-12-29T00:00:00Z","advisories":["RHSA-2009:0018","RHSA-2009:0019"],"bugzilla":"478888","bugzilla_description":"CVE-2008-2383 xterm: arbitrary command injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["hanterm-xf-1:2.0.5-5.AS21.2","xterm-0:215-5.el5_2.2","xterm-0:179-11.EL3","xterm-0:192-8.el4_7.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2383.json"},{"CVE":"CVE-2006-7246","severity":"moderate","public_date":"2006-05-10T00:00:00Z","advisories":[],"bugzilla":"756418","bugzilla_description":"CVE-2006-7246 NetworkManager, wpa_supplicant (WPA-Enterprise): Verify that the certificate is from trusted CA and matches the specified subject","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7246.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/antlr-tool_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/antlr-tool_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/antlr-tool_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-cli_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-cli_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-cli_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-codec_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-codec_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-codec_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-collections_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-collections_security_api_results.json new file mode 100644 index 0000000..bed35cd --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-collections_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-7501","severity":"critical","public_date":"2015-11-06T00:00:00Z","advisories":["RHSA-2016:1773","RHSA-2016:0040","RHSA-2015:2578","RHSA-2015:2534","RHSA-2015:2556","RHSA-2015:2557","RHSA-2015:2579","RHSA-2015:2535","RHSA-2015:2514","RHSA-2015:2536","RHSA-2015:2559","RHSA-2015:2537","RHSA-2015:2538","RHSA-2015:2516","RHSA-2015:2539","RHSA-2015:2517","RHSA-2015:2670","RHSA-2015:2671","RHSA-2020:4274","RHSA-2015:2521","RHSA-2015:2522","RHSA-2015:2500","RHSA-2015:2501","RHSA-2015:2523","RHSA-2015:2502","RHSA-2015:2524","RHSA-2015:2547","RHSA-2015:2548","RHSA-2015:2560","RHSA-2015:2540","RHSA-2015:2541","RHSA-2015:2542","RHSA-2016:0118"],"bugzilla":"1279330","bugzilla_description":"CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-502->CWE-284","affected_packages":["jboss-ec2-eap-0:7.5.5-3.Final_redhat_3.ep6.el6","apache-commons-collections-0:3.2.1-22.el7_2","jakarta-commons-collections-0:3.2.1-3.5.el6_7","jenkins-0:1.651.2-1.el6op","rh-maven35-apache-commons-collections4-0:4.0-7.3.el7","rh-java-common-apache-commons-collections-0:3.2.1-21.13.el7","rh-java-common-apache-commons-collections-0:3.2.1-21.13.el6","jakarta-commons-collections-0:3.2.1-5.ep5.el4","jakarta-commons-collections-0:3.2.1-5.ep5.el5","jakarta-commons-collections-0:3.2.1-5.ep5.el6","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el7","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el5","jakarta-commons-collections-0:3.2-2jpp.4","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-daemon_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-daemon_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-daemon_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-dbcp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-dbcp_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-dbcp_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-io_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-io_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-io_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-lang_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-lang_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-lang_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-logging_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-logging_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-logging_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-pool_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-pool_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apache-commons-pool_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/appstream-data_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/appstream-data_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/appstream-data_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-openssl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-openssl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util-openssl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util_security_api_results.json new file mode 100644 index 0000000..e17a170 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr-util_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-12618","severity":"moderate","public_date":"2017-10-23T00:00:00Z","advisories":[],"bugzilla":"1506532","bugzilla_description":"CVE-2017-12618 apr-util: Out-of-bounds access in corrupted SDBM database","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12618.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-6312","severity":"moderate","public_date":"2016-08-04T00:00:00Z","advisories":[],"bugzilla":"1364122","bugzilla_description":"CVE-2016-6312 apr-util, httpd: Billion laughs attack regression","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6312.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2010-1623","severity":"moderate","public_date":"2010-10-01T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2010:0950","RHSA-2011:0897"],"bugzilla":"640281","bugzilla_description":"CVE-2010-1623 apr-util: high memory consumption in apr_brigade_split_line()","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["apr-util-0:1.3.9-3.el6_0.1","httpd22-0:2.2.17-14.ep5.el4","apr-util-0:0.9.4-22.el4_8.3","apr-util-0:1.2.7-11.el5_5.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json"},{"CVE":"CVE-2009-0023","severity":"moderate","public_date":"2009-06-03T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107","RHSA-2009:1160"],"bugzilla":"503928","bugzilla_description":"CVE-2009-0023 apr-util heap buffer underwrite","cvss_score":4.3,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["httpd22-0:2.2.10-23.1.ep5.el4","apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json"},{"CVE":"CVE-2009-1955","severity":"moderate","public_date":"2009-06-01T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107","RHSA-2009:1160"],"bugzilla":"504555","bugzilla_description":"CVE-2009-1955 apr-util billion laughs attack","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["httpd22-0:2.2.10-23.1.ep5.el4","apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json"},{"CVE":"CVE-2009-1956","severity":"moderate","public_date":"2009-04-24T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107"],"bugzilla":"504390","bugzilla_description":"CVE-2009-1956 apr-util single NULL byte buffer overflow","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr_security_api_results.json new file mode 100644 index 0000000..bd38de6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/apr_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14040","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:3369","RHSA-2020:3578","RHSA-2020:4214","RHSA-2020:3783","RHSA-2020:3087","RHSA-2020:3780","RHSA-2020:3372","RHSA-2020:3727"],"bugzilla":"1853652","bugzilla_description":"CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift3/ose-docker-registry:v3.11.286-1","servicemesh-grafana-0:6.4.3-13.el8","distributed-tracing/jaeger-query-rhel7:1.17.5-3","kiali-0:v1.12.10.redhat2-1.el7","ior-0:1.1.6-1.el8","openshift4/ose-cluster-version-operator:v4.5.0-202008280601.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.5-3","distributed-tracing/jaeger-all-in-one-rhel7:1.17.5-3","distributed-tracing/jaeger-rhel7-operator:1.17.5-3","servicemesh-0:1.1.6-1.el8","servicemesh-cni-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift4/ose-cluster-network-operator:v4.4.0-202009120105.p0","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.5-3","openshift4/ose-cluster-svcat-controller-manager-operator:v4.5.0-202008280221.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202009112201.p0","distributed-tracing/jaeger-collector-rhel7:1.17.5-3","openshift4/ose-elasticsearch-operator:v4.5.0-202008310950.p0","servicemesh-operator-0:1.1.6-2.el8","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-11100","severity":"critical","public_date":"2020-04-02T13:00:00Z","advisories":["RHSA-2020:1288","RHSA-2020:1287","RHSA-2020:1289","RHSA-2020:1936","RHSA-2020:1290"],"bugzilla":"1819111","bugzilla_description":"CVE-2020-11100 haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-787","affected_packages":["haproxy-0:1.8.23-3.el7","rh-haproxy18-haproxy-0:1.8.17-1.el7.1","haproxy-0:2.0.13-3.el8","haproxy-0:1.8.15-5.el8_0.1","haproxy-0:1.8.15-6.el8_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11100.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-19330","severity":"moderate","public_date":"2019-11-25T00:00:00Z","advisories":["RHSA-2020:1287","RHSA-2020:2265","RHSA-2020:1936","RHSA-2020:1725"],"bugzilla":"1777584","bugzilla_description":"CVE-2019-19330 haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["haproxy-0:1.8.23-3.el7","haproxy-0:1.8.23-3.el8","haproxy-0:2.0.13-3.el8","rh-haproxy18-haproxy-0:1.8.24-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19330.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2019-18277","severity":"moderate","public_date":"2019-09-13T00:00:00Z","advisories":["RHSA-2020:1287","RHSA-2020:2265","RHSA-2020:1936","RHSA-2020:1725"],"bugzilla":"1759697","bugzilla_description":"CVE-2019-18277 haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated \"chunked\" value","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":["haproxy-0:1.8.23-3.el7","haproxy-0:1.8.23-3.el8","haproxy-0:2.0.13-3.el8","rh-haproxy18-haproxy-0:1.8.24-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2019-14241","severity":"important","public_date":"2019-07-22T00:00:00Z","advisories":[],"bugzilla":"1733583","bugzilla_description":"CVE-2019-14241 haproxy: DoS via vectors realted to htx_manage_client_side_cookies in proto_htx.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14241.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11323","severity":"moderate","public_date":"2019-04-14T00:00:00Z","advisories":[],"bugzilla":"1709229","bugzilla_description":"CVE-2019-11323 haproxy: weak HMAC keys used to TLS session resumption after reload with rotated keys","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11323.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-20615","severity":"important","public_date":"2019-01-08T00:00:00Z","advisories":["RHSA-2019:0275","RHSA-2019:0547","RHSA-2019:0548","RHBA-2019:0326"],"bugzilla":"1663060","bugzilla_description":"CVE-2018-20615 haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["haproxy-0:1.8.17-3.el7","rh-haproxy18-haproxy-0:1.8.4-4.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20615.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-20102","severity":"moderate","public_date":"2018-12-12T00:00:00Z","advisories":["RHSA-2019:0547","RHSA-2019:1436","RHBA-2019:0326"],"bugzilla":"1658874","bugzilla_description":"CVE-2018-20102 haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["haproxy-0:1.8.17-3.el7","rh-haproxy18-haproxy-0:1.8.17-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20102.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2018-20103","severity":"important","public_date":"2018-12-12T00:00:00Z","advisories":["RHSA-2019:1436","RHBA-2019:0326"],"bugzilla":"1658876","bugzilla_description":"CVE-2018-20103 haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["haproxy-0:1.8.17-3.el7","rh-haproxy18-haproxy-0:1.8.17-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20103.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14645","severity":"important","public_date":"2018-09-20T12:00:00Z","advisories":["RHSA-2018:2882","RHSA-2018:2709","RHBA-2019:0028"],"bugzilla":"1630048","bugzilla_description":"CVE-2018-14645 haproxy: Out-of-bounds read in HPACK decoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["rh-haproxy18-haproxy-0:1.8.4-3.el7","haproxy-0:1.8.14-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14645.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-11469","severity":"moderate","public_date":"2018-05-25T00:00:00Z","advisories":["RHSA-2019:1436"],"bugzilla":"1582635","bugzilla_description":"CVE-2018-11469 haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["rh-haproxy18-haproxy-0:1.8.17-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11469.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2018-10184","severity":"important","public_date":"2018-04-19T00:00:00Z","advisories":["RHSA-2018:1372"],"bugzilla":"1569297","bugzilla_description":"CVE-2018-10184 haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["rh-haproxy18-haproxy-0:1.8.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10184.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2017-12613","severity":"important","public_date":"2017-10-23T00:00:00Z","advisories":["RHSA-2018:0316","RHSA-2017:3270","RHSA-2018:0465","RHSA-2017:3475","RHSA-2018:0466","RHSA-2018:1253","RHSA-2017:3476","RHSA-2017:3477"],"bugzilla":"1506523","bugzilla_description":"CVE-2017-12613 apr: Out-of-bounds array deref in apr_time_exp*() functions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["apr-0:1.4.8-3.el7_3.1","apr-0:1.4.8-3.el7_2.1","apr-0:1.3.9-5.el6_6.1","apr-0:1.4.8-3.el7_4.1","apr-0:1.3.9-5.el6_7.1","apr-0:1.3.9-5.el6_5.1","httpd24-apr-0:1.5.1-1.el6.1","apr-0:1.3.9-5.el6_9.1","apr-0:1.3.9-5.el6_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12613.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2017-12618","severity":"moderate","public_date":"2017-10-23T00:00:00Z","advisories":[],"bugzilla":"1506532","bugzilla_description":"CVE-2017-12618 apr-util: Out-of-bounds access in corrupted SDBM database","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12618.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-6312","severity":"moderate","public_date":"2016-08-04T00:00:00Z","advisories":[],"bugzilla":"1364122","bugzilla_description":"CVE-2016-6312 apr-util, httpd: Billion laughs attack regression","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6312.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-5360","severity":"moderate","public_date":"2016-06-09T00:00:00Z","advisories":[],"bugzilla":"1346181","bugzilla_description":"CVE-2016-5360 haproxy: denial of service via reqdeny","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5360.json"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2016-3711","severity":"low","public_date":"2016-03-17T00:00:00Z","advisories":["RHSA-2016:1064"],"bugzilla":"1322718","bugzilla_description":"CVE-2016-3711 haproxy: Setting cookie containing internal IP address of a pod","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3711.json"},{"CVE":"CVE-2015-3281","severity":"important","public_date":"2015-07-07T00:00:00Z","advisories":["RHSA-2015:1741","RHSA-2015:2666"],"bugzilla":"1239072","bugzilla_description":"CVE-2015-3281 haproxy: information leak in buffer_slow_realign()","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-119","affected_packages":["haproxy-0:1.5.4-4.el7_1.1","haproxy-0:1.5.4-2.el6_7.1","haproxy15side-0:1.5.4-2.el6op"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3281.json"},{"CVE":"CVE-2013-0163","severity":"low","public_date":"2014-09-05T00:00:00Z","advisories":[],"bugzilla":"892909","bugzilla_description":"CVE-2013-0163 OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0163.json"},{"CVE":"CVE-2014-6269","severity":"moderate","public_date":"2014-08-05T00:00:00Z","advisories":["RHSA-2014:1292"],"bugzilla":"1136552","bugzilla_description":"CVE-2014-6269 haproxy: remote client denial of service vulnerability","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":["haproxy-0:1.5.2-3.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6269.json"},{"CVE":"CVE-2013-2175","severity":"moderate","public_date":"2013-06-17T00:00:00Z","advisories":["RHSA-2013:1120","RHSA-2013:1204"],"bugzilla":"974259","bugzilla_description":"CVE-2013-2175 haproxy: http_get_hdr()/get_ip_from_hdr2() MAX_HDR_HISTORY handling denial of service","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["haproxy-0:1.4.22-5.el6_4","haproxy-0:1.4.22-6.el6op"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2175.json"},{"CVE":"CVE-2013-1912","severity":"moderate","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0729","RHSA-2013:0868"],"bugzilla":"947581","bugzilla_description":"CVE-2013-1912 haproxy: rewrite rules flaw can lead to arbitrary code execution","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["haproxy-0:1.4.22-5.el6op","haproxy-0:1.4.22-4.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1912.json"},{"CVE":"CVE-2013-0169","severity":"moderate","public_date":"2013-02-04T00:00:00Z","advisories":["RHSA-2013:0274","RHSA-2013:0273","RHSA-2013:0636","RHSA-2013:0823","RHSA-2013:0833","RHSA-2013:0855","RHSA-2013:0822","RHSA-2013:0587","RHSA-2013:0532","RHSA-2013:1456","RHSA-2014:0416","RHSA-2013:0782","RHSA-2013:0275","RHSA-2013:1455","RHSA-2013:0531","RHSA-2013:0783","RHSA-2013:1013"],"bugzilla":"907589","bugzilla_description":"CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["rhev-hypervisor6-0:6.4-20130306.2.el6_4","java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el6_4","openssl-0:1.0.0-27.el6_4.2","openssl-0:0.9.8e-26.el5_9.1","java-1.6.0-openjdk-1:1.6.0.0-1.56.1.11.8.el6_3","spice-client-msi-0:3.3-12","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el5_9","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3","java-1.6.0-ibm-1:1.6.0.13.2-1jpp.1.el6_4","java-1.5.0-ibm-1:1.5.0.16.2-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9","java-1.6.0-sun-1:1.6.0.41-1jpp.1.el5_9","java-1.7.0-oracle-1:1.7.0.15-1jpp.1.el5_9","java-1.6.0-openjdk-1:1.6.0.0-1.35.1.11.8.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json"},{"CVE":"CVE-2012-0840","severity":"moderate","public_date":"2012-01-05T00:00:00Z","advisories":[],"bugzilla":"781606","bugzilla_description":"CVE-2012-0840 apr: hash table collisions CPU usage DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0840.json"},{"CVE":"CVE-2011-1928","severity":"low","public_date":"2011-05-19T00:00:00Z","advisories":["RHSA-2011:0844"],"bugzilla":"706203","bugzilla_description":"CVE-2011-1928 apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["apr-0:1.3.9-3.el6_1.2","apr-0:0.9.4-26.el4","apr-0:1.2.7-11.el5_6.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1928.json"},{"CVE":"CVE-2011-0419","severity":"moderate","public_date":"2011-05-10T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2011:0507","RHSA-2011:0897"],"bugzilla":"703390","bugzilla_description":"CVE-2011-0419 apr: unconstrained recursion in apr_fnmatch","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["apr-0:1.2.7-11.el5_6.4","apr-0:0.9.4-25.el4","apr-0:1.3.9-3.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json"},{"CVE":"CVE-2010-1623","severity":"moderate","public_date":"2010-10-01T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2010:0950","RHSA-2011:0897"],"bugzilla":"640281","bugzilla_description":"CVE-2010-1623 apr-util: high memory consumption in apr_brigade_split_line()","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["apr-util-0:1.3.9-3.el6_0.1","httpd22-0:2.2.17-14.ep5.el4","apr-util-0:0.9.4-22.el4_8.3","apr-util-0:1.2.7-11.el5_5.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json"},{"CVE":"CVE-2009-0023","severity":"moderate","public_date":"2009-06-03T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107","RHSA-2009:1160"],"bugzilla":"503928","bugzilla_description":"CVE-2009-0023 apr-util heap buffer underwrite","cvss_score":4.3,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["httpd22-0:2.2.10-23.1.ep5.el4","apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json"},{"CVE":"CVE-2009-1955","severity":"moderate","public_date":"2009-06-01T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107","RHSA-2009:1160"],"bugzilla":"504555","bugzilla_description":"CVE-2009-1955 apr-util billion laughs attack","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["httpd22-0:2.2.10-23.1.ep5.el4","apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json"},{"CVE":"CVE-2009-1956","severity":"moderate","public_date":"2009-04-24T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2009:1108","RHSA-2009:1107"],"bugzilla":"504390","bugzilla_description":"CVE-2009-1956 apr-util single NULL byte buffer overflow","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["apr-util-0:1.2.7-7.el5_3.1","apr-util-0:0.9.4-22.el4_8.1","httpd-0:2.0.46-73.ent"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/args4j_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/args4j_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/args4j_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark_security_api_results.json new file mode 100644 index 0000000..f5bd8f0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ark_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-26575","severity":"moderate","public_date":"2020-10-06T00:00:00Z","advisories":[],"bugzilla":"1886047","bugzilla_description":"CVE-2020-26575 wireshark: FBZERO dissector could enter an infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26575.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25862","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886041","bugzilla_description":"CVE-2020-25862 wireshark: TCP dissector crash (wnpa-sec-2020-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25863","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886044","bugzilla_description":"CVE-2020-25863 wireshark: MIME multipart dissector crash (wnpa-sec-2020-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25863.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25866","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886051","bugzilla_description":"CVE-2020-25866 wireshark: BLIP dissector crash (wnpa-sec-2020-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25866.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-26160","severity":"moderate","public_date":"2020-09-15T00:00:00Z","advisories":[],"bugzilla":"1883371","bugzilla_description":"CVE-2020-26160 jwt-go: access restriction bypass vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26160.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-24654","severity":"low","public_date":"2020-08-27T00:00:00Z","advisories":[],"bugzilla":"1880358","bugzilla_description":"CVE-2020-24654 ark: crafted TAR archive with symlinks can install files outside the extraction directory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24654.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2020-17498","severity":"moderate","public_date":"2020-08-12T00:00:00Z","advisories":[],"bugzilla":"1868885","bugzilla_description":"CVE-2020-17498 wireshark: Kafka protocol dissector could crash (wnpa-sec-2020-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17498.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-16845","severity":"moderate","public_date":"2020-08-06T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:4214","RHSA-2020:4201"],"bugzilla":"1867099","bugzilla_description":"CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["container-native-virtualization/kubevirt-ssp-operator:v2.4.2-2","container-native-virtualization/virt-api:v2.4.2-1","go-toolset-1.13-golang-0:1.13.15-3.el7","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16845.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-24553","severity":"moderate","public_date":"2020-08-01T00:00:00Z","advisories":[],"bugzilla":"1874857","bugzilla_description":"CVE-2020-24553 golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-16116","severity":"low","public_date":"2020-07-30T00:00:00Z","advisories":[],"bugzilla":"1862464","bugzilla_description":"CVE-2020-16116 ark: maliciously crafted archive can install files anywhere in the user's home directory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16116.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2020-15586","severity":"moderate","public_date":"2020-07-14T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:4214","RHSA-2020:4201"],"bugzilla":"1856953","bugzilla_description":"CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["container-native-virtualization/kubevirt-ssp-operator:v2.4.2-2","container-native-virtualization/virt-api:v2.4.2-1","go-toolset-1.13-golang-0:1.13.15-3.el7","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2020-15466","severity":"moderate","public_date":"2020-07-05T00:00:00Z","advisories":[],"bugzilla":"1854882","bugzilla_description":"CVE-2020-15466 wireshark: GVCP dissector infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15466.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-5238","severity":"moderate","public_date":"2020-07-01T00:00:00Z","advisories":[],"bugzilla":"1854328","bugzilla_description":"CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5238.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-9480","severity":"important","public_date":"2020-06-22T00:00:00Z","advisories":[],"bugzilla":"1887887","bugzilla_description":"CVE-2020-9480 apache-spark: RCE vulnerability in auth-enabled standalone master","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9480.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-14040","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:3369","RHSA-2020:3578","RHSA-2020:4214","RHSA-2020:3783","RHSA-2020:3087","RHSA-2020:3780","RHSA-2020:3372","RHSA-2020:3727"],"bugzilla":"1853652","bugzilla_description":"CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift3/ose-docker-registry:v3.11.286-1","servicemesh-grafana-0:6.4.3-13.el8","distributed-tracing/jaeger-query-rhel7:1.17.5-3","kiali-0:v1.12.10.redhat2-1.el7","ior-0:1.1.6-1.el8","openshift4/ose-cluster-version-operator:v4.5.0-202008280601.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.5-3","distributed-tracing/jaeger-all-in-one-rhel7:1.17.5-3","distributed-tracing/jaeger-rhel7-operator:1.17.5-3","servicemesh-0:1.1.6-1.el8","servicemesh-cni-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift4/ose-cluster-network-operator:v4.4.0-202009120105.p0","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.5-3","openshift4/ose-cluster-svcat-controller-manager-operator:v4.5.0-202008280221.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202009112201.p0","distributed-tracing/jaeger-collector-rhel7:1.17.5-3","openshift4/ose-elasticsearch-operator:v4.5.0-202008310950.p0","servicemesh-operator-0:1.1.6-2.el8","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13692","severity":"important","public_date":"2020-06-04T00:00:00Z","advisories":["RHSA-2020:3005","RHSA-2020:3248","RHSA-2020:3675","RHSA-2020:3285","RHSA-2020:3176","RHSA-2020:3286","RHSA-2020:3283","RHSA-2020:3284","RHSA-2020:3209","RHSA-2020:3678"],"bugzilla":"1852985","bugzilla_description":"CVE-2020-13692 postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-611","affected_packages":["postgresql-jdbc-0:9.2.1002-8.el7_8","postgresql-jdbc-0:8.4.704-4.el6_10","postgresql-jdbc-0:42.2.3-3.el8_0","postgresql-jdbc-0:42.2.3-3.el8_1","postgresql-jdbc-0:42.2.3-3.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13692.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2020-13164","severity":"moderate","public_date":"2020-04-02T00:00:00Z","advisories":[],"bugzilla":"1839874","bugzilla_description":"CVE-2020-13164 wireshark: NFS dissector crash (wnpa-sec-2020-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13164.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-11647","severity":"moderate","public_date":"2020-04-01T00:00:00Z","advisories":[],"bugzilla":"1824157","bugzilla_description":"CVE-2020-11647 wireshark: BACapp dissector crash (wnpa-sec-2020-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-121|CWE-674)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11647.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9429","severity":"moderate","public_date":"2020-02-28T00:00:00Z","advisories":[],"bugzilla":"1828780","bugzilla_description":"CVE-2020-9429 wireshark: WireGuard dissector could crash due to NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9429.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9431","severity":"low","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814586","bugzilla_description":"CVE-2020-9431 wireshark: LTE RRC dissector memory leak could result in excessive memory resource consumption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9431.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9430","severity":"moderate","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814615","bugzilla_description":"CVE-2020-9430 wireshark: injecting a malformed packet may cause WiMax DLMAP dissector to crash due to out-of-bound read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9430.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9428","severity":"moderate","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814622","bugzilla_description":"CVE-2020-9428 wireshark: injecting a malformed packet may cause the EAP dissector to crash due to out-of-bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9428.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9283","severity":"important","public_date":"2020-02-21T00:00:00Z","advisories":["RHSA-2020:3369","RHSA-2020:2412","RHSA-2020:3078","RHSA-2020:2793","RHSA-2020:2790","RHSA-2020:4264","RHSA-2020:2789","RHSA-2020:2878","RHSA-2020:2413","RHSA-2020:3414","RHBA-2020:3179","RHBA-2020:3180","RHSA-2020:3809","RHSA-2020:3372","RHSA-2020:3370"],"bugzilla":"1804533","bugzilla_description":"CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-130","affected_packages":["openshift4/ose-cluster-policy-controller-rhel7:v4.3.40-202010141211.p0","openshift-clients-0:4.3.31-202007250052.p0.git.3329.59998b9.el8","openshift4/ose-oauth-proxy:v4.3.40-202010141211.p0","servicemesh-grafana-0:6.4.3-13.el8","kiali-0:v1.12.10.redhat2-1.el7","openshift4/ose-vertical-pod-autoscaler-rhel7:v4.5.0-202007012112.p0","openshift4/ose-installer:v4.3.40-202010141211.p0","openshift4/ose-cluster-capacity:v4.5.0-202007012112.p0","openshift4/ose-cloud-credential-operator:v4.4.0-202007060343.p0","servicemesh-cni-0:1.1.6-1.el8","openshift4/ose-cluster-config-operator:v4.3.40-202010141858.p0","openshift4/ose-console-operator:v4.3.40-202010141211.p0","openshift4/ose-operator-marketplace:v4.3.40-202010141211.p0","servicemesh-operator-0:1.1.6-2.el8","openshift-0:4.5.0-202007012112.p0.git.0.582d7fc.el7","openshift4/ose-cluster-autoscaler:v4.3.40-202010141211.p0","openshift4/ose-cluster-network-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-rhel7-operator:v4.3.40-202010141211.p0","openshift4/ose-cluster-kube-descheduler-operator:v4.5.0-202007131801.p0","distributed-tracing/jaeger-query-rhel7:1.17.6-1","openshift4/ose-service-catalog:v4.3.40-202010141211.p0","distributed-tracing/jaeger-all-in-one-rhel7:1.17.6-1","distributed-tracing/jaeger-rhel7-operator:1.17.6-1","openshift4/ose-installer-artifacts:v4.3.40-202010141211.p0","openshift4/ose-kube-proxy:v4.3.40-202010141211.p0","openshift4/ose-azure-machine-controllers:v4.4.0-202006290400.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-installer-rhel7:v4.3.40-202010141211.p0","openshift4/ose-azure-machine-controllers:v4.3.40-202010141211.p0","openshift4/ose-sdn-rhel7:v4.3.40-202010141211.p0","openshift4/ose-libvirt-machine-controllers:v4.3.40-202010141858.p0","openshift4/ose-cluster-svcat-controller-manager-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-machine-controllers:v4.3.40-202010141211.p0","openshift4/ose-cluster-bootstrap:v4.3.40-202010141211.p0","openshift4/ose-service-ca-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-rhel7-operator:v4.4.0-202006290400.p0","servicemesh-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.6-1","openshift4/ose-cluster-logging-operator:v4.5.0-202007012112.p0","openshift4/ose-cluster-authentication-operator:v4.3.40-202010141211.p0","openshift4/ose-pod:v4.3.31-202007272153.p0","openshift4/ose-descheduler:v4.4.0-202006290400.p0","openshift4/ose-local-storage-static-provisioner:v4.3.40-202010141211.p0","openshift4/ose-cluster-machine-approver:v4.4.0-202007171809.p0","openshift4/ose-descheduler:v4.5.0-202007101023.p0","openshift4/ose-cluster-machine-approver:v4.3.40-202010141858.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.6-1","ior-0:1.1.6-1.el8","openshift4/ose-sriov-dp-admission-controller:v4.3.37-202009151447.p0","openshift4/ose-cluster-openshift-apiserver-operator:v4.3.40-202010141211.p0","openshift4/ose-cloud-credential-operator:v4.3.40-202010141211.p0","distributed-tracing/jaeger-collector-rhel7:1.17.6-1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9283.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-7044","severity":"moderate","public_date":"2020-01-15T00:00:00Z","advisories":[],"bugzilla":"1796459","bugzilla_description":"CVE-2020-7044 wireshark: WASSP dissector crash (wnpa-sec-2020-01)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7044.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-7045","severity":"moderate","public_date":"2020-01-15T00:00:00Z","advisories":[],"bugzilla":"1798671","bugzilla_description":"CVE-2020-7045 wireshark: invalid memory access in BT ATT dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7045.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-16319","severity":"moderate","public_date":"2019-08-25T00:00:00Z","advisories":[],"bugzilla":"1775149","bugzilla_description":"CVE-2019-16319 wireshark: gryphon dissector infinite loop (wnpa-sec-2019-21)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16319.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-19553","severity":"moderate","public_date":"2019-08-02T00:00:00Z","advisories":[],"bugzilla":"1782988","bugzilla_description":"CVE-2019-19553 wireshark: CMS dissector crash (wnpa-sec-2019-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-13619","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1731022","bugzilla_description":"CVE-2019-13619 wireshark: ASN.1 BER dissector crash (wnpa-sec-2019-20)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13619.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-12295","severity":"moderate","public_date":"2019-05-21T00:00:00Z","advisories":[],"bugzilla":"1831675","bugzilla_description":"CVE-2019-12295 wireshark: missing dissection recursion checks leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12295.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-10901","severity":"moderate","public_date":"2019-03-19T00:00:00Z","advisories":[],"bugzilla":"1697938","bugzilla_description":"CVE-2019-10901 wireshark: LDSS dissector crash (wnpa-sec-2019-17)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10901.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10902","severity":"moderate","public_date":"2019-03-19T00:00:00Z","advisories":[],"bugzilla":"1697942","bugzilla_description":"CVE-2019-10902 wireshark: TSDNS dissector crash (wnpa-sec-2019-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10902.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10896","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697944","bugzilla_description":"CVE-2019-10896 wireshark: DOF dissector crash (wnpa-sec-2019-15)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10896.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10894","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697947","bugzilla_description":"CVE-2019-10894 wireshark: GSS-API dissector crash (wnpa-sec-2019-14)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10894.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10900","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697952","bugzilla_description":"CVE-2019-10900 wireshark: Rbm dissector infinite loop (wnpa-sec-2019-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10900.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10898","severity":"moderate","public_date":"2019-03-10T00:00:00Z","advisories":[],"bugzilla":"1697955","bugzilla_description":"CVE-2019-10898 wireshark: GSUP dissector infinite loop (wnpa-sec-2019-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10898.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10903","severity":"moderate","public_date":"2019-03-05T00:00:00Z","advisories":[],"bugzilla":"1697898","bugzilla_description":"CVE-2019-10903 wireshark: DCERPC SPOOLSS dissector crash (wnpa-sec-2019-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10903.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10897","severity":"moderate","public_date":"2019-03-04T00:00:00Z","advisories":[],"bugzilla":"1697961","bugzilla_description":"CVE-2019-10897 wireshark: IEEE 802.11 dissector infinite loop (wnpa-sec-2019-11 )","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10897.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.5"},{"CVE":"CVE-2019-10899","severity":"moderate","public_date":"2019-03-01T00:00:00Z","advisories":[],"bugzilla":"1697979","bugzilla_description":"CVE-2019-10899 wireshark: SRVLOC dissector crash (wnpa-sec-2019-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10899.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9214","severity":"moderate","public_date":"2019-02-27T00:00:00Z","advisories":[],"bugzilla":"1684115","bugzilla_description":"CVE-2019-9214 wireshark: null-deference read in RPCAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9214.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-10895","severity":"moderate","public_date":"2019-02-13T00:00:00Z","advisories":[],"bugzilla":"1697982","bugzilla_description":"CVE-2019-10895 wireshark: NetScaler file parser crash (wnpa-sec-2019-09)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10895.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9208","severity":"moderate","public_date":"2019-01-29T00:00:00Z","advisories":[],"bugzilla":"1685001","bugzilla_description":"CVE-2019-9208 wireshark: null-pointer dereference in TCAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9208.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9209","severity":"low","public_date":"2019-01-25T00:00:00Z","advisories":[],"bugzilla":"1685009","bugzilla_description":"CVE-2019-9209 wireshark: Stack-based off-by-one buffer overflow in dissect_ber_GeneralizedTime","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9209.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-5721","severity":"moderate","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1666277","bugzilla_description":"CVE-2019-5721 wireshark: use-after-free in ENIP dissector results in denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5721.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-5716","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667579","bugzilla_description":"CVE-2019-5716 wireshark: reachable assertion in fast_ensure_contiguous() from 6LoWPAN dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5716.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-5717","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667581","bugzilla_description":"CVE-2019-5717 wireshark: P_MUL dissector crash in epan/dissectors/packet-p_mul.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5717.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-5718","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667586","bugzilla_description":"CVE-2019-5718 wireshark: out-of-bounds read in get_t61_string() in epan/charsets.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5718.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2019-5719","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667592","bugzilla_description":"CVE-2019-5719 wireshark: ISAKMP dissector crash in epan/dissectors/packet-isakmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5719.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-19622","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1655932","bugzilla_description":"CVE-2018-19622 wireshark: Infinite loop in the MMSE dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19622.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-19623","severity":"moderate","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655933","bugzilla_description":"CVE-2018-19623 wireshark: Heap buffer overflow in packet-lbmpdm.c:dissect_segment_ofstable() allows denial of service or possibly arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19623.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-19624","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655934","bugzilla_description":"CVE-2018-19624 wireshark: NULL pointer dereference resulting in a PVFS dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19624.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-19625","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655935","bugzilla_description":"CVE-2018-19625 wireshark: Heap-based buffer over-read in the dissection engine","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19625.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-19626","severity":"moderate","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655936","bugzilla_description":"CVE-2018-19626 wireshark: DCOM dissector crash resulting in information leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19626.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-19627","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655940","bugzilla_description":"CVE-2018-19627 wireshark: IxVeriWave parser crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19627.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2018-19628","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655941","bugzilla_description":"CVE-2018-19628 wireshark: ZigBee ZCL dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19628.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-18227","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642909","bugzilla_description":"CVE-2018-18227 wireshark: MS-WSP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18227.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-18226","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642910","bugzilla_description":"CVE-2018-18226 wireshark: Steam IHS Discovery dissector memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18226.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-18225","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642913","bugzilla_description":"CVE-2018-18225 wireshark: CoAP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18225.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-12086","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642915","bugzilla_description":"CVE-2018-12086 wireshark: OpcUa dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12086.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16058","severity":"moderate","public_date":"2018-08-29T00:00:00Z","advisories":[],"bugzilla":"1625921","bugzilla_description":"CVE-2018-16058 wireshark: Bluetooth AVDTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16058.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-16056","severity":"moderate","public_date":"2018-08-29T00:00:00Z","advisories":[],"bugzilla":"1625922","bugzilla_description":"CVE-2018-16056 wireshark: Bluetooth Attribute Protocol dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16056.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-16057","severity":"low","public_date":"2018-08-29T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1625925","bugzilla_description":"CVE-2018-16057 wireshark: Radiotap dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16057.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2018-11770","severity":"moderate","public_date":"2018-08-14T00:00:00Z","advisories":[],"bugzilla":"1615652","bugzilla_description":"CVE-2018-11770 spark: Missing authentication allows users to run driver programs via the REST API","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-306","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11770.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2018-14342","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607321","bugzilla_description":"CVE-2018-14342 wireshark: BGP dissector large loop (wnpa-sec-2018-34)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14342.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14344","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607322","bugzilla_description":"CVE-2018-14344 wireshark: ISMP dissector crash (wnpa-sec-2018-35)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14344.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14340","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607323","bugzilla_description":"CVE-2018-14340 wireshark: Multiple dissectors could crash (wnpa-sec-2018-36)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14340.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14343","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607324","bugzilla_description":"CVE-2018-14343 wireshark: ASN.1 BER and related dissectors crash (wnpa-sec-2018-37)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14343.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14339","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607325","bugzilla_description":"CVE-2018-14339 wireshark: MMSE dissector infinite loop (wnpa-sec-2018-38)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14339.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14341","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607326","bugzilla_description":"CVE-2018-14341 wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14341.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14368","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607327","bugzilla_description":"CVE-2018-14368 wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14368.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14369","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607328","bugzilla_description":"CVE-2018-14369 wireshark: HTTP2 dissector infinite loop (wnpa-sec-2018-41)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14369.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14367","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607329","bugzilla_description":"CVE-2018-14367 wireshark: CoAP dissector infinite loop (wnpa-sec-2018-42)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14367.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14370","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607331","bugzilla_description":"CVE-2018-14370 wireshark: IEEE dissector infinite loop (wnpa-sec-2018-43)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14370.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14438","severity":"moderate","public_date":"2018-06-28T00:00:00Z","advisories":[],"bugzilla":"1609948","bugzilla_description":"CVE-2018-14438 wireshark: Improper Access Control in create_app_running_mutex function in wsutil/file_util.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14438.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2018-11359","severity":"moderate","public_date":"2018-05-18T00:00:00Z","advisories":[],"bugzilla":"1581778","bugzilla_description":"CVE-2018-11359 wireshark: Out-of-bounds Read in proto.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11359.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-11358","severity":"moderate","public_date":"2018-05-13T00:00:00Z","advisories":[],"bugzilla":"1581773","bugzilla_description":"CVE-2018-11358 wireshark: Use after free in packet-q931.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11358.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-11355","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581758","bugzilla_description":"CVE-2018-11355 wireshark: Heap-based Buffer Overflow in packet-rtcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11355.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11356","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581768","bugzilla_description":"CVE-2018-11356 wireshark: DNS dissector crash in packet-dns.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11356.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11357","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581771","bugzilla_description":"CVE-2018-11357 wireshark: Uncontrolled Resource Consumption in epan/tvbuff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11357.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11360","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581781","bugzilla_description":"CVE-2018-11360 wireshark: Heap-based Buffer Overflow in packet-gsm_a_dtap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11360.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2018-11361","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581782","bugzilla_description":"CVE-2018-11361 wireshark: Heap-based Buffer Overflow in dot11decrypt.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11361.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11354","severity":"moderate","public_date":"2018-05-02T00:00:00Z","advisories":[],"bugzilla":"1581752","bugzilla_description":"CVE-2018-11354 wireshark: Out-of-bounds Read in packet-ieee1905.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11354.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11362","severity":"moderate","public_date":"2018-04-24T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1581787","bugzilla_description":"CVE-2018-11362 wireshark: Out-of-bounds read in packet-ldss.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11362.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-9263","severity":"low","public_date":"2018-03-28T00:00:00Z","advisories":[],"bugzilla":"1565749","bugzilla_description":"CVE-2018-9263 wireshark: Kerberos dissector crash in epan/dissectors/packet-kerberos.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9263.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9257","severity":"low","public_date":"2018-03-14T00:00:00Z","advisories":[],"bugzilla":"1565683","bugzilla_description":"CVE-2018-9257 wireshark: infinite loop in the CQL dissector in epan/dissectors/packet-cql.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9257.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-9159","severity":"moderate","public_date":"2018-03-06T00:00:00Z","advisories":["RHSA-2018:2020","RHSA-2018:2405"],"bugzilla":"1563732","bugzilla_description":"CVE-2018-9159 spark: Absolute and relative pathnames allow for unintended static file disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9159.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-9264","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565751","bugzilla_description":"CVE-2018-9264 wireshark: memory leak in ui/failure_message.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9264.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9265","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565785","bugzilla_description":"CVE-2018-9265 wireshark: memory leak in epan/dissectors/packet-tn3270.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9265.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9266","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565789","bugzilla_description":"CVE-2018-9266 wireshark: memory leak in epan/dissectors/packet-isup.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9266.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9267","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565798","bugzilla_description":"CVE-2018-9267 wireshark: memory leak in epan/dissectors/packet-lapd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9267.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9268","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565812","bugzilla_description":"CVE-2018-9268 wireshark: memory leak in epan/dissectors/packet-smb2.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9268.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9269","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565813","bugzilla_description":"CVE-2018-9269 wireshark: memory leak in epan/dissectors/packet-giop.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9269.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9270","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565817","bugzilla_description":"CVE-2018-9270 wireshark: memory leak in epan/oids.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9270.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9271","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565823","bugzilla_description":"CVE-2018-9271 wireshark: memory leak in epan/dissectors/packet-multipart.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9271.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9272","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565825","bugzilla_description":"CVE-2018-9272 wireshark: memory leak in epan/dissectors/packet-h223.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9272.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9273","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565832","bugzilla_description":"CVE-2018-9273 wireshark: memory leak in epan/dissectors/packet-pcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9273.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9274","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565833","bugzilla_description":"CVE-2018-9274 wireshark: memory leak in ui/failure_message.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9274.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9256","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565674","bugzilla_description":"CVE-2018-9256 wireshark: stack overflow via crafted LWAPP Layer 3 Packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9256.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9258","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565710","bugzilla_description":"CVE-2018-9258 wireshark: TCP dissector could crash in epan/dissectors/packet-tcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9258.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9260","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565731","bugzilla_description":"CVE-2018-9260 wireshark: IEEE 802.15.4 dissector crash in epan/dissectors/packet-ieee802154.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9260.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9261","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565742","bugzilla_description":"CVE-2018-9261 wireshark: NBAP dissector crash in epan/dissectors/packet-nbap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9261.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9262","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565743","bugzilla_description":"CVE-2018-9262 wireshark: VLAN dissector crash in epan/dissectors/packet-vlan.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9262.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-7337","severity":"low","public_date":"2018-02-19T00:00:00Z","advisories":[],"bugzilla":"1549265","bugzilla_description":"CVE-2018-7337 wireshark: DOCSIS dissector crash in packet-docsis.c by injecting a malformed packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7337.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7335","severity":"low","public_date":"2018-02-18T00:00:00Z","advisories":[],"bugzilla":"1549244","bugzilla_description":"CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-130","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7335.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7419","severity":"low","public_date":"2018-02-18T00:00:00Z","advisories":[],"bugzilla":"1549308","bugzilla_description":"CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7419.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7417","severity":"low","public_date":"2018-02-11T00:00:00Z","advisories":[],"bugzilla":"1549301","bugzilla_description":"CVE-2018-7417 wireshark: IPMI dissector crash in packet-ipmi-picmg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-170","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7417.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7418","severity":"low","public_date":"2018-02-11T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1549305","bugzilla_description":"CVE-2018-7418 wireshark: SIGCOMP dissector crash in packet-sigcomp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7418.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7420","severity":"low","public_date":"2018-02-08T00:00:00Z","advisories":[],"bugzilla":"1549284","bugzilla_description":"CVE-2018-7420 wireshark: Pcapng file parser crash in pcapng.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7420.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7320","severity":"low","public_date":"2018-02-06T00:00:00Z","advisories":[],"bugzilla":"1549277","bugzilla_description":"CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7320.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6836","severity":"low","public_date":"2018-02-05T00:00:00Z","advisories":[],"bugzilla":"1543582","bugzilla_description":"CVE-2018-6836 wireshark: free operation on an uninitialized memory address in wiretap/netmon.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6836.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7336","severity":"low","public_date":"2018-01-30T00:00:00Z","advisories":[],"bugzilla":"1549270","bugzilla_description":"CVE-2018-7336 wireshark: FCP dissector crash in packet-fcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7336.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7334","severity":"low","public_date":"2018-01-13T00:00:00Z","advisories":[],"bugzilla":"1549255","bugzilla_description":"CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7334.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5334","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534361","bugzilla_description":"CVE-2018-5334 wireshark: IxVeriWave file parser crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5334.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5335","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534364","bugzilla_description":"CVE-2018-5335 wireshark: WCP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5335.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5336","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534374","bugzilla_description":"CVE-2018-5336 wireshark: Missing recursion limit in epan/tvbparse.c can cause multiple dissectors to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5336.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17997","severity":"moderate","public_date":"2017-12-29T00:00:00Z","advisories":[],"bugzilla":"1530893","bugzilla_description":"CVE-2017-17997 wireshark: Misuse of NULL pointer in MRDISC dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17997.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17935","severity":"low","public_date":"2017-12-27T00:00:00Z","advisories":[],"bugzilla":"1529592","bugzilla_description":"CVE-2017-17935 Wireshark: denial of service in the File_read_line function in epan/wslua/wslua_file.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17935.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2017-17084","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524471","bugzilla_description":"CVE-2017-17084 wireshark: IWARP_MPA dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17084.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17083","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524474","bugzilla_description":"CVE-2017-17083 wireshark: NetBIOS dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17083.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17085","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524475","bugzilla_description":"CVE-2017-17085 wireshark: CIP Safety dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17085.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15189","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500762","bugzilla_description":"CVE-2017-15189 wireshark: DOCSIS infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15189.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15190","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500763","bugzilla_description":"CVE-2017-15190 wireshark: RTSP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15190.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15191","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500765","bugzilla_description":"CVE-2017-15191 wireshark: DMP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15191.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15192","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500767","bugzilla_description":"CVE-2017-15192 wireshark: BT ATT dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15192.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15193","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500768","bugzilla_description":"CVE-2017-15193 wireshark: MBIM dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15193.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13767","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486628","bugzilla_description":"CVE-2017-13767 wireshark: MSDP dissector infinite loop (wnpa-sec-2017-38)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13767.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13766","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486629","bugzilla_description":"CVE-2017-13766 wireshark: Profinet I/O buffer overrun (wnpa-sec-2017-39)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13766.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13764","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486630","bugzilla_description":"CVE-2017-13764 wireshark: Modbus dissector crash (wnpa-sec-2017-40)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13764.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13765","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486631","bugzilla_description":"CVE-2017-13765 wireshark: IrCOMM dissector buffer overrun (wnpa-sec-2017-41)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13765.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11408","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472766","bugzilla_description":"CVE-2017-11408 wireshark: AMQP dissector crash (wnpa-sec-2017-34)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11408.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11407","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472767","bugzilla_description":"CVE-2017-11407 wireshark: MQ dissector crash (wnpa-sec-2017-35)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11407.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11406","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472768","bugzilla_description":"CVE-2017-11406 wireshark: DOCSIS infinite loop (wnpa-sec-2017-36)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11406.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11409","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472769","bugzilla_description":"CVE-2017-11409 wireshark: GPRS LLC dissector large loop. (wnpa-sec-2017-37)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11409.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9766","severity":"low","public_date":"2017-06-19T00:00:00Z","advisories":[],"bugzilla":"1464051","bugzilla_description":"CVE-2017-9766 wireshark: PROFINET IO data with a high recursion depth can cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9766.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9617","severity":"low","public_date":"2017-06-13T00:00:00Z","advisories":[],"bugzilla":"1464050","bugzilla_description":"CVE-2017-9617 wireshark: Deeply nested DAAP data may cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9617.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9616","severity":"low","public_date":"2017-06-08T00:00:00Z","advisories":[],"bugzilla":"1464048","bugzilla_description":"CVE-2017-9616 wireshark: Overly deep mp4 chunks may cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9616.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-9259","severity":"low","public_date":"2017-06-08T00:00:00Z","advisories":[],"bugzilla":"1565721","bugzilla_description":"CVE-2018-9259 wirehsark: MP4 dissector crash in epan/dissectors/file-mp4.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9259.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-9352","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458136","bugzilla_description":"CVE-2017-9352 wireshark: Bazaar dissector infinite loop (wnpa-sec-2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9352.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9348","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458137","bugzilla_description":"CVE-2017-9348 wireshark: DOF dissector read overflow (wnpa-sec-2017-23)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9348.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9351","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458138","bugzilla_description":"CVE-2017-9351 wireshark: DHCP dissector read overflow (wnpa-sec-2017-24)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9351.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9346","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458139","bugzilla_description":"CVE-2017-9346 wireshark: SoulSeek dissector infinite loop (wnpa-sec-2017-25)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9346.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9345","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458140","bugzilla_description":"CVE-2017-9345 wireshark: DNS dissector infinite loop (wnpa-sec-2017-26)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9345.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9349","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458141","bugzilla_description":"CVE-2017-9349 wireshark: DICOM dissector infinite loop (wnpa-sec-2017-27)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9349.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11411","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458142","bugzilla_description":"CVE-2017-9350 CVE-2017-11411 wireshark: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11411.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9350","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458142","bugzilla_description":"CVE-2017-9350 CVE-2017-11411 wireshark: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9350.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9344","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458143","bugzilla_description":"CVE-2017-9344 wireshark: BT L2CAP dissector divide by zero (wnpa-sec-2017-29)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9344.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9343","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458144","bugzilla_description":"CVE-2017-9343 wireshark: MSNIP dissector crash (wnpa-sec-2017-30)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9343.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9347","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458145","bugzilla_description":"CVE-2017-9347 wireshark: ROS dissector crash (wnpa-sec-2017-31)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9347.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9354","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458147","bugzilla_description":"CVE-2017-9354 wireshark: RGMP dissector crash (wnpa-sec-2017-32)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9354.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9353","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458148","bugzilla_description":"CVE-2017-9353 wireshark: IPv6 dissector crash (wnpa-sec-2017-33)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9353.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7703","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441969","bugzilla_description":"CVE-2017-7703 wireshark: IMAP dissector crash (wnpa-sec-2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7703.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11410","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441970","bugzilla_description":"CVE-2017-7702 CVE-2017-11410 wireshark: WBXML dissector infinite loop (wnpa-sec-2017-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11410.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7702","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441970","bugzilla_description":"CVE-2017-7702 CVE-2017-11410 wireshark: WBXML dissector infinite loop (wnpa-sec-2017-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7702.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7700","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441971","bugzilla_description":"CVE-2017-7700 wireshark: NetScaler file parser infinite loop (wnpa-sec-2017-14)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7700.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7705","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441972","bugzilla_description":"CVE-2017-7705 wireshark: RPCoRDMA dissector infinite loop (wnpa-sec-2017-15)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7705.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7701","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441973","bugzilla_description":"CVE-2017-7701 wireshark: BGP dissector infinite loop (wnpa-sec-2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7701.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7704","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441975","bugzilla_description":"CVE-2017-7704 wireshark: DOF dissector infinite loop (wnpa-sec-2017-17)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7704.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7747","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441976","bugzilla_description":"CVE-2017-7747 wireshark: PacketBB dissector crash (wnpa-sec-2017-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7747.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7746","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441978","bugzilla_description":"CVE-2017-7746 wireshark: SLSK dissector long loop (wnpa-sec-2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7746.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7745","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441979","bugzilla_description":"CVE-2017-7745 wireshark: SIGCOMP dissector infinite loop (wnpa-sec-2017-20)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7745.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7748","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441980","bugzilla_description":"CVE-2017-7748 wireshark: WSP dissector infinite loop (wnpa-sec-2017-21)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7748.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6469","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429579","bugzilla_description":"CVE-2017-6469 wireshark: LDSS dissector crash (wnpa-sec-2017-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6469.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6472","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429580","bugzilla_description":"CVE-2017-6472 wireshark: RTMPT dissector infinite loop (wnpa-sec-2017-04)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6472.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6471","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429581","bugzilla_description":"CVE-2017-6471 wireshark: WSP infinite loop (wnpa-sec-2017-05)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6471.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6474","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429583","bugzilla_description":"CVE-2017-6474 wireshark: NetScaler file parser infinite loop (wnpa-sec-2017-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6474.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6468","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429585","bugzilla_description":"CVE-2017-6468 wireshark: NetScaler file parser crash (wnpa-sec-2017-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6468.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6473","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429586","bugzilla_description":"CVE-2017-6473 wireshark: K12 file parser crash (wnpa-sec-2017-09)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6473.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6470","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429588","bugzilla_description":"CVE-2017-6470 wireshark: IAX2 infinite loop (wnpa-sec-2017-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6470.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6467","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429589","bugzilla_description":"CVE-2017-6467 wireshark: Netscaler file parser infinite loop (wnpa-sec-2017-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6467.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6014","severity":"low","public_date":"2017-02-16T00:00:00Z","advisories":[],"bugzilla":"1425375","bugzilla_description":"CVE-2017-6014 wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-835|CWE-400)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6014.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5596","severity":"moderate","public_date":"2017-01-23T00:00:00Z","advisories":[],"bugzilla":"1415964","bugzilla_description":"CVE-2017-5596 wireshark: ASTERIX infinite loop (wnpa-sec-2017-01)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5596.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-5597","severity":"moderate","public_date":"2017-01-23T00:00:00Z","advisories":[],"bugzilla":"1415965","bugzilla_description":"CVE-2017-5597 wireshark: DHCPv6 large loop (wnpa-sec-2017-02)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5597.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-5330","severity":"moderate","public_date":"2017-01-10T00:00:00Z","advisories":[],"bugzilla":"1411819","bugzilla_description":"CVE-2017-5330 ark: Unintended execution of scripts and executable files","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5330.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-9372","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396409","bugzilla_description":"CVE-2016-9372 wireshark: Profinet I/O dissector long loop (wnpa-sec-2016-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9372.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9374","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396410","bugzilla_description":"CVE-2016-9374 wireshark: AllJoyn crash (wnpa-sec-2016-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9374.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9376","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396411","bugzilla_description":"CVE-2016-9376 wireshark: OpenFlow crash (wnpa-sec-2016-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9376.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9373","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396413","bugzilla_description":"CVE-2016-9373 wireshark: DCERPC crash (wnpa-sec-2016-61)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9373.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9375","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396415","bugzilla_description":"CVE-2016-9375 wireshark: DTN infinite loop (wnpa-sec-2016-62)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9375.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7957","severity":"moderate","public_date":"2016-10-04T00:00:00Z","advisories":[],"bugzilla":"1381837","bugzilla_description":"CVE-2016-7957 wireshark: Bluetooth L2CAP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7957.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7958","severity":"moderate","public_date":"2016-10-04T00:00:00Z","advisories":[],"bugzilla":"1381838","bugzilla_description":"CVE-2016-7958 wireshark: NCP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7958.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7175","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375109","bugzilla_description":"CVE-2016-7175 wireshark: QNX6 QNET dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7175.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7176","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375112","bugzilla_description":"CVE-2016-7176 wireshark: H.225 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7176.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7177","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375115","bugzilla_description":"CVE-2016-7177 wireshark: Catapult DCT2000 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7177.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7178","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375116","bugzilla_description":"CVE-2016-7178 wireshark: UMTS FP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7178.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7179","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375118","bugzilla_description":"CVE-2016-7179 wireshark: Catapult DCT2000 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7179.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7180","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375119","bugzilla_description":"CVE-2016-7180 wireshark: IPMI Trace dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7180.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6505","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361135","bugzilla_description":"CVE-2016-6505 wireshark: PacketBB crash (wnpa-sec-2016-41)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6505.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6506","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361137","bugzilla_description":"CVE-2016-6506 wireshark: WSP infinite loop (wnpa-sec-2016-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6507","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361138","bugzilla_description":"CVE-2016-6507 wireshark: MMSE infinite loop (wnpa-sec-2016-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6507.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6508","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361139","bugzilla_description":"CVE-2016-6508 wireshark: RLC long loop (wnpa-sec-2016-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6508.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6509","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361140","bugzilla_description":"CVE-2016-6509 wireshark: LDSS dissector crash (wnpa-sec-2016-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6509.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6510","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361141","bugzilla_description":"CVE-2016-6510 wireshark: RLC dissector crash (wnpa-sec-2016-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6510.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6511","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361142","bugzilla_description":"CVE-2016-6511 wireshark: OpenFlow long loop (wnpa-sec-2016-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6511.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6512","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361143","bugzilla_description":"CVE-2016-6512 wireshark: MMSE, WAP, WBXML, and WSP infinite loop. (wnpa-sec-2016-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6512.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6513","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361144","bugzilla_description":"CVE-2016-6513 wireshark: WBXML crash (wnpa-sec-2016-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6513.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-5350","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343963","bugzilla_description":"CVE-2016-5350 wireshark: SPOOLS infinite loop (wnpa-sec-2016-29)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5350.json"},{"CVE":"CVE-2016-5351","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343964","bugzilla_description":"CVE-2016-5351 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-30)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5351.json"},{"CVE":"CVE-2016-5352","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343965","bugzilla_description":"CVE-2016-5352 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5352.json"},{"CVE":"CVE-2016-5353","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343966","bugzilla_description":"CVE-2016-5353 wireshark: UMTS FP crash (wnpa-sec-2016-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5353.json"},{"CVE":"CVE-2016-5354","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343967","bugzilla_description":"CVE-2016-5354 wireshark: USB dissector crash (wnpa-sec-2016-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5354.json"},{"CVE":"CVE-2016-5355","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343968","bugzilla_description":"CVE-2016-5355 wireshark: Toshiba file parser crash (wnpa-sec-2016-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5355.json"},{"CVE":"CVE-2016-5356","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343969","bugzilla_description":"CVE-2016-5356 wireshark: CoSine file parser crash (wnpa-sec-2016-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5356.json"},{"CVE":"CVE-2016-5357","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343970","bugzilla_description":"CVE-2016-5357 wireshark: NetScreen file parser crash (wnpa-sec-2016-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5357.json"},{"CVE":"CVE-2016-5358","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343971","bugzilla_description":"CVE-2016-5358 wireshark: Ethernet dissector crash (wnpa-sec-2016-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5358.json"},{"CVE":"CVE-2016-5359","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343972","bugzilla_description":"CVE-2016-5359 wireshark: WBXML infinite loop (wnpa-sec-2016-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5359.json"},{"CVE":"CVE-2016-4076","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330066","bugzilla_description":"CVE-2016-4076 wireshark: NCP dissector crash (wnpa-sec-2016-19)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4076.json"},{"CVE":"CVE-2016-4077","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330067","bugzilla_description":"CVE-2016-4077 wireshark: TShark reassembly crash (wnpa-sec-2016-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4077.json"},{"CVE":"CVE-2016-4078","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330068","bugzilla_description":"CVE-2016-4078 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4078.json"},{"CVE":"CVE-2016-4079","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330069","bugzilla_description":"CVE-2016-4079 wireshark: PKTC dissector crash (wnpa-sec-2016-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4079.json"},{"CVE":"CVE-2016-4080","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330070","bugzilla_description":"CVE-2016-4080 wireshark: PKTC dissector crash (wnpa-sec-2016-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4080.json"},{"CVE":"CVE-2016-4081","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330071","bugzilla_description":"CVE-2016-4081 wireshark: IAX2 infinite loop (wnpa-sec-2016-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4081.json"},{"CVE":"CVE-2016-4006","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330073","bugzilla_description":"CVE-2016-4006 wireshark: Wireshark and TShark crash (wnpa-sec-2016-25)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4006.json"},{"CVE":"CVE-2016-4082","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330075","bugzilla_description":"CVE-2016-4082 wireshark: GSM CBCH dissector crash (wnpa-sec-2016-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4082.json"},{"CVE":"CVE-2016-4083","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330076","bugzilla_description":"CVE-2016-4083 CVE-2016-4084 wireshark: MS-WSP dissector crash (wnpa-sec-2016-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4083.json"},{"CVE":"CVE-2016-4084","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330076","bugzilla_description":"CVE-2016-4083 CVE-2016-4084 wireshark: MS-WSP dissector crash (wnpa-sec-2016-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4084.json"},{"CVE":"CVE-2016-4085","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330077","bugzilla_description":"CVE-2016-4085 wireshark: NCP dissector crash (wnpa-sec-2016-28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4085.json"},{"CVE":"CVE-2016-2521","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312776","bugzilla_description":"CVE-2016-2521 wireshark: DLL hijacking vulnerability (wnpa-sec-2016-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2521.json"},{"CVE":"CVE-2016-2522","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312777","bugzilla_description":"CVE-2016-2522 wireshark: ASN.1 BER dissector crash (wnpa-sec-2016-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2522.json"},{"CVE":"CVE-2016-2523","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312779","bugzilla_description":"CVE-2016-2523 wireshark: DNP3 dissector infinite loop (wnpa-sec-2016-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2523.json"},{"CVE":"CVE-2016-2524","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312780","bugzilla_description":"CVE-2016-2524 wireshark: X.509AF crash (wnpa-sec-2016-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2524.json"},{"CVE":"CVE-2016-2525","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312781","bugzilla_description":"CVE-2016-2525 wireshark: HTTP/2 dissector crash (wnpa-sec-2016-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2525.json"},{"CVE":"CVE-2016-2526","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312783","bugzilla_description":"CVE-2016-2526 wireshark: HiQnet dissector crash (wnpa-sec-2016-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2526.json"},{"CVE":"CVE-2016-2527","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312784","bugzilla_description":"CVE-2016-2527 wireshark: 3GPP TS 32.423 Trace file parser crash (wnpa-sec-2016-07)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2527.json"},{"CVE":"CVE-2016-2528","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312785","bugzilla_description":"CVE-2016-2528 wireshark: LBMC dissector crash (wnpa-sec-2016-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2528.json"},{"CVE":"CVE-2016-2529","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312787","bugzilla_description":"CVE-2016-2529 wireshark: iSeries file parser crash (wnpa-sec-2016-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2529.json"},{"CVE":"CVE-2016-2530","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312790","bugzilla_description":"CVE-2016-2530 CVE-2016-2531 wireshark: RSL dissector crash (wnpa-sec-2016-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2530.json"},{"CVE":"CVE-2016-2531","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312790","bugzilla_description":"CVE-2016-2530 CVE-2016-2531 wireshark: RSL dissector crash (wnpa-sec-2016-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2531.json"},{"CVE":"CVE-2016-2532","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312792","bugzilla_description":"CVE-2016-2532 wireshark: LLRP dissector crash (wnpa-sec-2016-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2532.json"},{"CVE":"CVE-2016-4415","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312795","bugzilla_description":"CVE-2016-4415 wireshark: Ixia IxVeriWave file parser crash (wnpa-sec-2016-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4415.json"},{"CVE":"CVE-2016-4416","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312796","bugzilla_description":"CVE-2016-4416 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4416.json"},{"CVE":"CVE-2016-4417","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312797","bugzilla_description":"CVE-2016-4417 wireshark: GSM A-bis OML dissector crash (wnpa-sec-2016-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4417.json"},{"CVE":"CVE-2016-4418","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312798","bugzilla_description":"CVE-2016-4418 wireshark: ASN.1 BER dissector crash (wnpa-sec-2016-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4418.json"},{"CVE":"CVE-2016-4419","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312799","bugzilla_description":"CVE-2016-4419 wireshark: SPICE dissector large loop (wnpa-sec-2016-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4419.json"},{"CVE":"CVE-2016-4420","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312800","bugzilla_description":"CVE-2016-4420 wireshark: NFS dissector crash (wnpa-sec-2016-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4420.json"},{"CVE":"CVE-2016-4421","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312801","bugzilla_description":"CVE-2016-4421 wireshark: ASN.1 BER dissector crash. (wnpa-sec-2016-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4421.json"},{"CVE":"CVE-2015-8711","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296054","bugzilla_description":"CVE-2015-8711 wireshark: NBAP dissector crashes (wnpa-sec-2015-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8711.json"},{"CVE":"CVE-2015-8712","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296055","bugzilla_description":"CVE-2015-8712 CVE-2015-8713 wireshark: UMTS FP dissector crashes (wnpa-sec-2015-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8712.json"},{"CVE":"CVE-2015-8713","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296055","bugzilla_description":"CVE-2015-8712 CVE-2015-8713 wireshark: UMTS FP dissector crashes (wnpa-sec-2015-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8713.json"},{"CVE":"CVE-2015-8714","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296056","bugzilla_description":"CVE-2015-8714 wireshark: DCOM dissector crash (wnpa-sec-2015-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8714.json"},{"CVE":"CVE-2015-8715","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296057","bugzilla_description":"CVE-2015-8715 wireshark: AllJoyn dissector infinite loop (wnpa-sec-2015-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8715.json"},{"CVE":"CVE-2015-8716","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296059","bugzilla_description":"CVE-2015-8716 wireshark: T.38 dissector crash (wnpa-sec-2015-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8716.json"},{"CVE":"CVE-2015-8717","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296061","bugzilla_description":"CVE-2015-8717 wireshark: SDP dissector crash (wnpa-sec-2015-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8717.json"},{"CVE":"CVE-2015-8718","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296062","bugzilla_description":"CVE-2015-8718 wireshark: NLM dissector crash (wnpa-sec-2015-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8718.json"},{"CVE":"CVE-2015-8719","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296063","bugzilla_description":"CVE-2015-8719 wireshark: DNS dissector crash (wnpa-sec-2015-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8719.json"},{"CVE":"CVE-2015-8720","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296064","bugzilla_description":"CVE-2015-8720 wireshark: BER dissector crash (wnpa-sec-2015-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8720.json"},{"CVE":"CVE-2015-8721","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296065","bugzilla_description":"CVE-2015-8721 wireshark: Zlib decompression crash (wnpa-sec-2015-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8721.json"},{"CVE":"CVE-2015-8722","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296066","bugzilla_description":"CVE-2015-8722 wireshark: SCTP dissector crash (wnpa-sec-2015-41)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8722.json"},{"CVE":"CVE-2015-8723","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296067","bugzilla_description":"CVE-2015-8723 CVE-2015-8724 wireshark: 802.11 decryption crash (wnpa-sec-2015-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8723.json"},{"CVE":"CVE-2015-8724","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296067","bugzilla_description":"CVE-2015-8723 CVE-2015-8724 wireshark: 802.11 decryption crash (wnpa-sec-2015-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8724.json"},{"CVE":"CVE-2015-8725","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296068","bugzilla_description":"CVE-2015-8725 wireshark: DIAMETER dissector crash (wnpa-sec-2015-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8725.json"},{"CVE":"CVE-2015-8726","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296070","bugzilla_description":"CVE-2015-8726 wireshark: VeriWave file parser crashes (wnpa-sec-2015-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-125|CWE-121)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8726.json"},{"CVE":"CVE-2015-8727","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296072","bugzilla_description":"CVE-2015-8727 wireshark: RSVP dissector crash (wnpa-sec-2015-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8727.json"},{"CVE":"CVE-2015-8728","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296075","bugzilla_description":"CVE-2015-8728 wireshark: ANSI A & GSM A dissector crashes (wnpa-sec-2015-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8728.json"},{"CVE":"CVE-2015-8729","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296077","bugzilla_description":"CVE-2015-8729 wireshark: Ascend file parser crash (wnpa-sec-2015-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8729.json"},{"CVE":"CVE-2015-8730","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296078","bugzilla_description":"CVE-2015-8730 wireshark: NBAP dissector crash (wnpa-sec-2015-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8730.json"},{"CVE":"CVE-2015-8731","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296079","bugzilla_description":"CVE-2015-8731 wireshark: RSL dissector crash (wnpa-sec-2015-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8731.json"},{"CVE":"CVE-2015-8732","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296081","bugzilla_description":"CVE-2015-8732 wireshark: ZigBee ZCL dissector crash (wnpa-sec-2015-50)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8732.json"},{"CVE":"CVE-2015-8733","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296082","bugzilla_description":"CVE-2015-8733 wireshark: Sniffer file parser crash (wnpa-sec-2015-51)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-122|CWE-125)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8733.json"},{"CVE":"CVE-2015-8734","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296083","bugzilla_description":"CVE-2015-8734 wireshark: NWP dissector crash (wnpa-sec-2015-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8734.json"},{"CVE":"CVE-2015-8735","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296084","bugzilla_description":"CVE-2015-8735 wireshark: BT ATT dissector crash (wnpa-sec-2015-53)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8735.json"},{"CVE":"CVE-2015-8736","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296085","bugzilla_description":"CVE-2015-8736 wireshark: MP2T file parser crash (wnpa-sec-2015-54)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8736.json"},{"CVE":"CVE-2015-8737","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296086","bugzilla_description":"CVE-2015-8737 wireshark: MP2T file parser crash (wnpa-sec-2015-55)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8737.json"},{"CVE":"CVE-2015-8738","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296087","bugzilla_description":"CVE-2015-8738 wireshark: S7COMM dissector crash (wnpa-sec-2015-56)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8738.json"},{"CVE":"CVE-2015-8739","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296088","bugzilla_description":"CVE-2015-8739 wireshark: IPMI dissector crash (wnpa-sec-2015-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8739.json"},{"CVE":"CVE-2015-8740","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296089","bugzilla_description":"CVE-2015-8740 wireshark: TDS dissector crash (wnpa-sec-2015-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8740.json"},{"CVE":"CVE-2015-8741","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296090","bugzilla_description":"CVE-2015-8741 wireshark: PPI dissector crash (wnpa-sec-2015-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8741.json"},{"CVE":"CVE-2015-8742","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296091","bugzilla_description":"CVE-2015-8742 wireshark: MS-WSP dissector crash (wnpa-sec-2015-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8742.json"},{"CVE":"CVE-2015-7830","severity":"moderate","public_date":"2015-10-14T00:00:00Z","advisories":[],"bugzilla":"1272016","bugzilla_description":"CVE-2015-7830 wireshark: Pcapng file parser crash","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-704->CWE-480","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7830.json"},{"CVE":"CVE-2015-6241","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253352","bugzilla_description":"CVE-2015-6241 wireshark: protocol tree crash (wnpa-sec-2015-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6241.json"},{"CVE":"CVE-2015-6242","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253353","bugzilla_description":"CVE-2015-6242 wireshark: memory manager crash (wnpa-sec-2015-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6242.json"},{"CVE":"CVE-2015-6243","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253354","bugzilla_description":"CVE-2015-6243 wireshark: Dissector table crash (wnpa-sec-2015-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6243.json"},{"CVE":"CVE-2015-6244","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253355","bugzilla_description":"CVE-2015-6244 wireshark: ZigBee dissector crash (wnpa-sec-2015-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-130","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6244.json"},{"CVE":"CVE-2015-6245","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253356","bugzilla_description":"CVE-2015-6245 wireshark: GSM RLC/MAC dissector infinite loop (wnpa-sec-2015-25)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6245.json"},{"CVE":"CVE-2015-6246","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253357","bugzilla_description":"CVE-2015-6246 wireshark: WaveAgent dissector crash (wnpa-sec-2015-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6246.json"},{"CVE":"CVE-2015-6247","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253359","bugzilla_description":"CVE-2015-6247 wireshark: OpenFlow dissector infinite loop (wnpa-sec-2015-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6247.json"},{"CVE":"CVE-2015-6248","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253360","bugzilla_description":"CVE-2015-6248 wireshark: Ptvcursor crash (wnpa-sec-2015-28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6248.json"},{"CVE":"CVE-2015-6249","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253361","bugzilla_description":"CVE-2015-6249 wireshark: WCCP dissector crash (wnpa-sec-2015-29)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6249.json"},{"CVE":"CVE-2015-4651","severity":"low","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234415","bugzilla_description":"CVE-2015-4651 wireshark: WCCP dissector crash (wnpa-sec-2015-19)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4651.json"},{"CVE":"CVE-2015-4652","severity":"low","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234416","bugzilla_description":"CVE-2015-4652 wireshark: GSM DTAP dissector crash (wnpa-sec-2015-20)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4652.json"},{"CVE":"CVE-2015-3808","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222433","bugzilla_description":"CVE-2015-3808 CVE-2015-3809 wireshark: LBMR infinite loop (wnpa-sec-2015-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3808.json"},{"CVE":"CVE-2015-3809","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222433","bugzilla_description":"CVE-2015-3808 CVE-2015-3809 wireshark: LBMR infinite loop (wnpa-sec-2015-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3809.json"},{"CVE":"CVE-2015-3810","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1222434","bugzilla_description":"CVE-2015-3810 wireshark: WebSocket DoS (wnpa-sec-2015-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3810.json"},{"CVE":"CVE-2015-3811","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222436","bugzilla_description":"CVE-2015-3811 wireshark: WCP dissector crash (wnpa-sec-2015-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-665","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3811.json"},{"CVE":"CVE-2015-3812","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222437","bugzilla_description":"CVE-2015-3812 wireshark: X11 memory leak (wnpa-sec-2015-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3812.json"},{"CVE":"CVE-2015-3813","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222438","bugzilla_description":"CVE-2015-3813 wireshark: Reassembly memory leak (wnpa-sec-2015-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3813.json"},{"CVE":"CVE-2015-3814","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222439","bugzilla_description":"CVE-2015-3814 wireshark: IEEE 802.11 infinite loop (wnpa-sec-2015-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3814.json"},{"CVE":"CVE-2015-3815","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222440","bugzilla_description":"CVE-2015-3815 wireshark: Android Logcat file parser crash (wnpa-sec-2015-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3815.json"},{"CVE":"CVE-2015-3182","severity":"moderate","public_date":"2015-05-07T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1219409","bugzilla_description":"CVE-2015-3182 wireshark: crash on sample file genbroad.snoop","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-704","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3182.json"},{"CVE":"CVE-2015-2187","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199162","bugzilla_description":"CVE-2015-2187 wireshark: ATN-CPDLC dissector could crash (wnpa-sec-2015-06)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2187.json"},{"CVE":"CVE-2015-2188","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1199163","bugzilla_description":"CVE-2015-2188 wireshark: The WCP dissector could crash while decompressing data (wnpa-sec-2015-07)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2188.json"},{"CVE":"CVE-2015-2189","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1199165","bugzilla_description":"CVE-2015-2189 wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2189.json"},{"CVE":"CVE-2015-2190","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199166","bugzilla_description":"CVE-2015-2190 wireshark: LLDP dissector could crash (wnpa-sec-2015-09)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2190.json"},{"CVE":"CVE-2015-2191","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1199167","bugzilla_description":"CVE-2015-2191 wireshark: The TNEF dissector could go into an infinite loop on 32-bit architectures (wnpa-sec-2015-10)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2191.json"},{"CVE":"CVE-2015-2192","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199168","bugzilla_description":"CVE-2015-2192 wireshark: SCSI OSD dissector could go into an infinite loop (wnpa-sec-2015-11)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2192.json"},{"CVE":"CVE-2015-0559","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180167","bugzilla_description":"CVE-2015-0559 CVE-2015-0560 wireshark: WCCP dissector crash (wnpa-sec-2015-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0559.json"},{"CVE":"CVE-2015-0560","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180167","bugzilla_description":"CVE-2015-0559 CVE-2015-0560 wireshark: WCCP dissector crash (wnpa-sec-2015-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0560.json"},{"CVE":"CVE-2015-0561","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180171","bugzilla_description":"CVE-2015-0561 wireshark: LPP dissector crash (wnpa-sec-2015-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0561.json"},{"CVE":"CVE-2015-0562","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1180182","bugzilla_description":"CVE-2015-0562 wireshark: DEC DNA Routing Protocol dissector crash (wnpa-sec-2015-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0562.json"},{"CVE":"CVE-2015-0563","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1180195","bugzilla_description":"CVE-2015-0563 wireshark: SMTP dissector crash (wnpa-sec-2015-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-131","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0563.json"},{"CVE":"CVE-2015-0564","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1180197","bugzilla_description":"CVE-2015-0564 wireshark: TLS/SSL decryption crash (wnpa-sec-2015-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-131","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0564.json"},{"CVE":"CVE-2014-8710","severity":"moderate","public_date":"2014-11-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163584","bugzilla_description":"CVE-2014-8710 wireshark: SigComp dissector crash (wnpa-sec-2014-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8710.json"},{"CVE":"CVE-2014-8714","severity":"moderate","public_date":"2014-10-20T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163581","bugzilla_description":"CVE-2014-8714 wireshark: TN5250 infinite loop (wnpa-sec-2014-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8714.json"},{"CVE":"CVE-2014-8711","severity":"moderate","public_date":"2014-10-17T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163583","bugzilla_description":"CVE-2014-8711 wireshark: AMQP dissector crash (wnpa-sec-2014-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8711.json"},{"CVE":"CVE-2014-8712","severity":"moderate","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163582","bugzilla_description":"CVE-2014-8712 CVE-2014-8713 wireshark: NCP dissector crashes (wnpa-sec-2014-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8712.json"},{"CVE":"CVE-2014-8713","severity":"moderate","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163582","bugzilla_description":"CVE-2014-8712 CVE-2014-8713 wireshark: NCP dissector crashes (wnpa-sec-2014-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8713.json"},{"CVE":"CVE-2014-6429","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6429.json"},{"CVE":"CVE-2014-6430","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6430.json"},{"CVE":"CVE-2014-6431","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6431.json"},{"CVE":"CVE-2014-6432","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6432.json"},{"CVE":"CVE-2014-6428","severity":"moderate","public_date":"2014-09-07T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142603","bugzilla_description":"CVE-2014-6428 wireshark: SES dissector crash (wnpa-sec-2014-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-456","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6428.json"},{"CVE":"CVE-2014-6427","severity":"moderate","public_date":"2014-08-14T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142604","bugzilla_description":"CVE-2014-6427 wireshark: RTSP dissector crash (wnpa-sec-2014-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6427.json"},{"CVE":"CVE-2014-6426","severity":"moderate","public_date":"2014-08-14T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142606","bugzilla_description":"CVE-2014-6426 wireshark: HIP dissector infinite loop (wnpa-sec-2014-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6426.json"},{"CVE":"CVE-2014-6424","severity":"moderate","public_date":"2014-08-13T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142609","bugzilla_description":"CVE-2014-6424 wireshark: Netflow dissector crash (wnpa-sec-2014-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6424.json"},{"CVE":"CVE-2014-6425","severity":"moderate","public_date":"2014-08-07T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142608","bugzilla_description":"CVE-2014-6425 wireshark: CUPS dissector crash (wnpa-sec-2014-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-228->CWE-125","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6425.json"},{"CVE":"CVE-2014-6423","severity":"moderate","public_date":"2014-08-01T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142610","bugzilla_description":"CVE-2014-6423 wireshark: MEGACO dissector infinite loop (wnpa-sec-2014-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6423.json"},{"CVE":"CVE-2014-5161","severity":"moderate","public_date":"2014-07-31T00:00:00Z","advisories":[],"bugzilla":"1125767","bugzilla_description":"CVE-2014-5161 CVE-2014-5162 wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun (wnpa-sec-2014-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5161.json"},{"CVE":"CVE-2014-5162","severity":"moderate","public_date":"2014-07-31T00:00:00Z","advisories":[],"bugzilla":"1125767","bugzilla_description":"CVE-2014-5161 CVE-2014-5162 wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun (wnpa-sec-2014-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5162.json"},{"CVE":"CVE-2014-5163","severity":"moderate","public_date":"2014-06-21T00:00:00Z","advisories":[],"bugzilla":"1125766","bugzilla_description":"CVE-2014-5163 wireshark: GTP and GSM Management dissectors crash (wnpa-sec-2014-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5163.json"},{"CVE":"CVE-2014-5165","severity":"moderate","public_date":"2014-06-17T00:00:00Z","advisories":[],"bugzilla":"1125761","bugzilla_description":"CVE-2014-5165 wireshark: ASN.1 BER dissector crash (wnpa-sec-2014-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5165.json"},{"CVE":"CVE-2014-2907","severity":"moderate","public_date":"2014-04-22T00:00:00Z","advisories":[],"bugzilla":"1090177","bugzilla_description":"CVE-2014-2907 wireshark: RTP dissector crash (wnpa-sec-2014-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2907.json"},{"CVE":"CVE-2014-4020","severity":"moderate","public_date":"2014-04-17T00:00:00Z","advisories":[],"bugzilla":"1109034","bugzilla_description":"CVE-2014-4020 wireshark: Frame metadissector crash (wnpa-sec-2014-07)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4020.json"},{"CVE":"CVE-2014-4174","severity":"moderate","public_date":"2014-04-09T00:00:00Z","advisories":[],"bugzilla":"1086033","bugzilla_description":"CVE-2014-4174 libpcap: file parser crash (wnpa-sec-2014-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4174.json"},{"CVE":"CVE-2014-6421","severity":"moderate","public_date":"2014-03-23T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142611","bugzilla_description":"CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6421.json"},{"CVE":"CVE-2014-6422","severity":"moderate","public_date":"2014-03-23T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142611","bugzilla_description":"CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6422.json"},{"CVE":"CVE-2014-2299","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1074109","bugzilla_description":"CVE-2014-2299 wireshark: buffer overflow in MPEG file parser (wnpa-sec-2014-04)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2299.json"},{"CVE":"CVE-2014-2283","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1074111","bugzilla_description":"CVE-2014-2283 wireshark: RLC dissector crash (wnpa-sec-2014-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2283.json"},{"CVE":"CVE-2014-2282","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":[],"bugzilla":"1074112","bugzilla_description":"CVE-2014-2282 wireshark: M3UA dissector crash (wnpa-sec-2014-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2282.json"},{"CVE":"CVE-2014-2281","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1074114","bugzilla_description":"CVE-2014-2281 wireshark: NFS dissector crash (wnpa-sec-2014-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2281.json"},{"CVE":"CVE-2014-5164","severity":"moderate","public_date":"2014-02-21T00:00:00Z","advisories":[],"bugzilla":"1125763","bugzilla_description":"CVE-2014-5164 wireshark: RLC dissector crash (wnpa-sec-2014-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5164.json"},{"CVE":"CVE-2013-7112","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1044508","bugzilla_description":"CVE-2013-7112 wireshark: SIP dissector could go into an infinite loop (wnpa-sec-2013-66)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7112.json"},{"CVE":"CVE-2013-7113","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":[],"bugzilla":"1044509","bugzilla_description":"CVE-2013-7113 wireshark: BSSGP dissector could crash (wnpa-sec-2013-67)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7113.json"},{"CVE":"CVE-2013-7114","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1044510","bugzilla_description":"CVE-2013-7114 wireshark: NTLMSSP v2 dissector could crash (wnpa-sec-2013-68)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7114.json"},{"CVE":"CVE-2013-6336","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026534","bugzilla_description":"CVE-2013-6336 wireshark: IEEE 802.15.4 dissector crash (wnpa-sec-2013-61)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6336.json"},{"CVE":"CVE-2013-6337","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026538","bugzilla_description":"CVE-2013-6337 wireshark: NBAP dissector crash (wnpa-sec-2013-62)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6337.json"},{"CVE":"CVE-2013-6338","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026539","bugzilla_description":"CVE-2013-6338 wireshark: SIP dissector crash (wnpa-sec-2013-63)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6338.json"},{"CVE":"CVE-2013-6339","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026540","bugzilla_description":"CVE-2013-6339 wireshark: ActiveMQ OpenWire dissector large loop (wnpa-sec-2013-64)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6339.json"},{"CVE":"CVE-2013-6340","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026541","bugzilla_description":"CVE-2013-6340 wireshark: TCP dissector crash (wnpa-sec-2013-65)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6340.json"},{"CVE":"CVE-2013-5717","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007177","bugzilla_description":"CVE-2013-5717 wireshark: Bluetooth HCI ACL dissector crash (wnpa-sec-2013-54, upstream bug 8827)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5717.json"},{"CVE":"CVE-2013-5718","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007182","bugzilla_description":"CVE-2013-5718 wireshark: NBAP dissector crash (wnpa-sec-2013-55, upstream bug 9005)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5718.json"},{"CVE":"CVE-2013-5719","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007185","bugzilla_description":"CVE-2013-5719 wireshark: ASSA R3 dissector crash (wnpa-sec-2013-56, upstream bug 9020)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5719.json"},{"CVE":"CVE-2013-5720","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007192","bugzilla_description":"CVE-2013-5720 wireshark: RTPS dissector crash (wnpa-sec-2013-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5720.json"},{"CVE":"CVE-2013-5721","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"1007197","bugzilla_description":"CVE-2013-5721 wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5721.json"},{"CVE":"CVE-2013-5722","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007201","bugzilla_description":"CVE-2013-5722 wireshark: LDAP dissector crash (wnpa-sec-2013-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5722.json"},{"CVE":"CVE-2013-4920","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990155","bugzilla_description":"CVE-2013-4920 wireshark: DoS (application crash) in the P1 dissector (wnpa-sec-2013-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4920.json"},{"CVE":"CVE-2013-4921","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990156","bugzilla_description":"CVE-2013-4921 wireshark: Off-by-one (application crash) in the Radiotap dissector (wnpa-sec-2013-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4921.json"},{"CVE":"CVE-2013-4922","severity":"moderate","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990157","bugzilla_description":"CVE-2013-4922 wireshark: Double-free in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4922.json"},{"CVE":"CVE-2013-4923","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990160","bugzilla_description":"CVE-2013-4923 wireshark: Memory leak (DoS, memory consumption) in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4923.json"},{"CVE":"CVE-2013-4924","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990163","bugzilla_description":"CVE-2013-4924 wireshark: Assertion failure in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4924.json"},{"CVE":"CVE-2013-4925","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990164","bugzilla_description":"CVE-2013-4925 wireshark: Integer signedness error in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4925.json"},{"CVE":"CVE-2013-4926","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990165","bugzilla_description":"CVE-2013-4926 wireshark: DoS in the DCOM ISystemActivator dissector due improper remaining data to process presence check (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4926.json"},{"CVE":"CVE-2013-4927","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990166","bugzilla_description":"CVE-2013-4927 wireshark: Integer signedness error in the Bluetooth SDP dissector (wnpa-sec-2013-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4927.json"},{"CVE":"CVE-2013-4928","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990167","bugzilla_description":"CVE-2013-4928 wireshark: Integer signedness error in the Bluetooth OBEX dissector (wnpa-sec-2013-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4928.json"},{"CVE":"CVE-2013-4929","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990168","bugzilla_description":"CVE-2013-4929 wireshark: DoS (infinite loop) in the DIS dissector (wnpa-sec-2013-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4929.json"},{"CVE":"CVE-2013-4930","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990169","bugzilla_description":"CVE-2013-4930 wireshark: Assertion failure in the DVB-CI dissector (wnpa-sec-2013-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4930.json"},{"CVE":"CVE-2013-4931","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990170","bugzilla_description":"CVE-2013-4931 wireshark: DoS (infinite loop) in the GSM RR dissector (wnpa-sec-2013-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4931.json"},{"CVE":"CVE-2013-4932","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990172","bugzilla_description":"CVE-2013-4932 wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4932.json"},{"CVE":"CVE-2013-4933","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990175","bugzilla_description":"CVE-2013-4933 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4933.json"},{"CVE":"CVE-2013-4934","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990178","bugzilla_description":"CVE-2013-4934 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4934.json"},{"CVE":"CVE-2013-4935","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990179","bugzilla_description":"CVE-2013-4935 wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4935.json"},{"CVE":"CVE-2013-4936","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"990180","bugzilla_description":"CVE-2013-4936 wireshark: DoS (NULL pointer dereference, crash) in the PROFINET Real-Time dissector (wnpa-sec-2013-53)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4936.json"},{"CVE":"CVE-2013-4074","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972679","bugzilla_description":"CVE-2013-4074 wireshark: DoS (crash) in the CAPWAP dissector (wnpa-sec-2013-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4074.json"},{"CVE":"CVE-2013-4075","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2017:0631"],"bugzilla":"972680","bugzilla_description":"CVE-2013-4075 wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4075.json"},{"CVE":"CVE-2013-4076","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972681","bugzilla_description":"CVE-2013-4076 wireshark: Invalid free in the PPP dissector (wnpa-sec-2013-34)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4076.json"},{"CVE":"CVE-2013-4077","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972682","bugzilla_description":"CVE-2013-4077 wireshark: Array index error in the NBAP dissector (wnpa-sec-2013-35)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4077.json"},{"CVE":"CVE-2013-4078","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972683","bugzilla_description":"CVE-2013-4078 wireshark: DoS (infinite loop) in the RDP dissector (wnpa-sec-2013-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4078.json"},{"CVE":"CVE-2013-4079","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972684","bugzilla_description":"CVE-2013-4079 wireshark: DoS (infinite loop, application hang) in the GSM CBCH dissector (wnpa-sec-2013-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4079.json"},{"CVE":"CVE-2013-4080","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972685","bugzilla_description":"CVE-2013-4080 wireshark: DoS (infinite loop, CPU & memory consumption) in the Assa Abloy R3 dissector (wnpa-sec-2013-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4080.json"},{"CVE":"CVE-2013-4081","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"972686","bugzilla_description":"CVE-2013-4081 wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4081.json"},{"CVE":"CVE-2013-4082","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972687","bugzilla_description":"CVE-2013-4082 wireshark: Heap-based buffer overflow in the Ixia IxVeriWave file parser (wnpa-sec-2013-40)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4082.json"},{"CVE":"CVE-2013-4083","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"972688","bugzilla_description":"CVE-2013-4083 wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4083.json"},{"CVE":"CVE-2013-3562","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965112","bugzilla_description":"CVE-2013-3562 wireshark: DoS (stack overflow, crash) in the Websocket dissector (wnpa-sec-2013-29, upstream #8448, #8499)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3562.json"},{"CVE":"CVE-2013-3560","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965186","bugzilla_description":"CVE-2013-3560 wireshark: DoS (crash) in the MPEG DSM-CC dissector (wnpa-sec-2013-28, upstream #8481)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3560.json"},{"CVE":"CVE-2013-3559","severity":"moderate","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"965190","bugzilla_description":"CVE-2013-3559 wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3559.json"},{"CVE":"CVE-2013-3558","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965192","bugzilla_description":"CVE-2013-3558 wireshark: DoS (crash) in the PPP CCP dissector (wnpa-sec-2013-26, upstream #8638)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3558.json"},{"CVE":"CVE-2013-3557","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"965193","bugzilla_description":"CVE-2013-3557 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3557.json"},{"CVE":"CVE-2013-3555","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965194","bugzilla_description":"CVE-2013-3555 wireshark: DoS (crash) in the GTPv2 dissector (wnpa-sec-2013-24, upstream #8493)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3555.json"},{"CVE":"CVE-2013-3556","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"966054","bugzilla_description":"CVE-2013-3556 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3556.json"},{"CVE":"CVE-2013-3561","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"966331","bugzilla_description":"CVE-2013-3561 wireshark: Multiple Denial of Service flaws","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3561.json"},{"CVE":"CVE-2013-2475","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919129","bugzilla_description":"CVE-2013-2475 wireshark: TCP dissector crash (wnpa-sec-2013-10, upstream bug 8274)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2475.json"},{"CVE":"CVE-2013-2476","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919130","bugzilla_description":"CVE-2013-2476 wireshark: Infinite loop in the HART/IP dissector (wnpa-sec-2013-11, upstream bug 8360)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2476.json"},{"CVE":"CVE-2013-2477","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919131","bugzilla_description":"CVE-2013-2477 wireshark: Crash in the CSN.1 dissector (wnpa-sec-2013-12, upstream bug 8383)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2477.json"},{"CVE":"CVE-2013-2478","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919133","bugzilla_description":"CVE-2013-2478 wireshark: Crash in the MS-MMS dissector (wnpa-sec-2013-13, upstream bug 8382)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2478.json"},{"CVE":"CVE-2013-2479","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919135","bugzilla_description":"CVE-2013-2479 wireshark: Infinite loop in the MPLS Echo dissector (wnpa-sec-2013-14, upstream bug 8039)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2479.json"},{"CVE":"CVE-2013-2480","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919137","bugzilla_description":"CVE-2013-2480 wireshark: Crash in the RTPS and RTPS2 dissectors (wnpa-sec-2013-15, upstream bug 8332)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2480.json"},{"CVE":"CVE-2013-2481","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919139","bugzilla_description":"CVE-2013-2481 wireshark: Crash in the Mount dissector (wnpa-sec-2013-16, upstream bug 8335)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2481.json"},{"CVE":"CVE-2013-2482","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919141","bugzilla_description":"CVE-2013-2482 wireshark: Infinite loop in the AMPQ dissector (wnpa-sec-2013-17, upstream bug 8337)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2482.json"},{"CVE":"CVE-2013-2483","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919142","bugzilla_description":"CVE-2013-2483 wireshark: Divide by zero in the ACN dissector (wnpa-sec-2013-18, upstream bug 8340)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2483.json"},{"CVE":"CVE-2013-2484","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919143","bugzilla_description":"CVE-2013-2484 wireshark: Crash in the CIMD dissector (wnpa-sec-2013-19, upstream bug 8346)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2484.json"},{"CVE":"CVE-2013-2485","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919144","bugzilla_description":"CVE-2013-2485 wireshark: Infinite loop in the FCSP dissector (wnpa-sec-2013-20, upstream bug 8359)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2485.json"},{"CVE":"CVE-2013-2486","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919146","bugzilla_description":"CVE-2013-2486 wireshark: Infinite loop in the RELOAD dissector (wnpa-sec-2013-21, upstream bug 8364) [A different flaw than CVE-2013-2487]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2486.json"},{"CVE":"CVE-2013-2487","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919147","bugzilla_description":"CVE-2013-2487 wireshark: Infinite loop in the RELOAD dissector (wnpa-sec-2013-21, upstream bug 8364) [A different flaw than CVE-2013-2486]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2487.json"},{"CVE":"CVE-2013-2488","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919148","bugzilla_description":"CVE-2013-2488 wireshark: Crash in the DTLS dissector (wnpa-sec-2013-22, upstream bug 8380)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2488.json"},{"CVE":"CVE-2013-1572","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906328","bugzilla_description":"CVE-2013-1572 wireshark: Infinite loop in the Slow Protocols dissector (wnpa-sec-2013-01, bug 8036)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1572.json"},{"CVE":"CVE-2013-1573","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906329","bugzilla_description":"CVE-2013-1573 wireshark: Infinite loop in the CSN.1 dissector (wnpa-sec-2013-01, bug 8037)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1573.json"},{"CVE":"CVE-2013-1574","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906330","bugzilla_description":"CVE-2013-1574 wireshark: Infinite loop in the Bluetooth HCI dissector (wnpa-sec-2013-01, bug 8038)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1574.json"},{"CVE":"CVE-2013-1575","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906331","bugzilla_description":"CVE-2013-1575 wireshark: Infinite loop in the R3 dissector (wnpa-sec-2013-01, bug 8040)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1575.json"},{"CVE":"CVE-2013-1576","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906332","bugzilla_description":"CVE-2013-1576 wireshark: Infinite loop in the SDP dissector (wnpa-sec-2013-01, bug 8041)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1576.json"},{"CVE":"CVE-2013-1577","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906333","bugzilla_description":"CVE-2013-1577 wireshark: Infinite loop in the SIP dissector (wnpa-sec-2013-01, bug 8042)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1577.json"},{"CVE":"CVE-2013-1578","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906335","bugzilla_description":"CVE-2013-1578 wireshark: MPLS payload starting with valid-looking ethernet address dissected twice (wnpa-sec-2013-01, bug 8043)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1578.json"},{"CVE":"CVE-2013-1579","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906337","bugzilla_description":"CVE-2013-1579 wireshark: Nested loop (crash) in the RTPS dissector (wnpa-sec-2013-01, bug 8198)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1579.json"},{"CVE":"CVE-2013-1580","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906339","bugzilla_description":"CVE-2013-1580 wireshark: Infinite loop in the DOCSIS 3.0 CM-STATUS dissector (wnpa-sec-2013-01, bug 8199)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1580.json"},{"CVE":"CVE-2013-1581","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906342","bugzilla_description":"CVE-2013-1581 wireshark: Infinite loop in the DCP-ETSI dissector (wnpa-sec-2013-01, bug 8222)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1581.json"},{"CVE":"CVE-2013-1582","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906343","bugzilla_description":"CVE-2013-1582 wireshark: Infinite loop / crash in the CLNP dissector (wnpa-sec-2013-02, bug 7871)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1582.json"},{"CVE":"CVE-2013-1583","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906344","bugzilla_description":"CVE-2013-1583 wireshark: Invalid read (crash) in the DTN dissector (wnpa-sec-2013-03, bug 7945)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1583.json"},{"CVE":"CVE-2013-1584","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906347","bugzilla_description":"CVE-2013-1584 wireshark: Invalid read (crash) in the DTN dissector (wnpa-sec-2013-03, bug 7945) [A different issue than CVE-2013-1583]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1584.json"},{"CVE":"CVE-2013-1585","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906348","bugzilla_description":"CVE-2013-1585 wireshark: MS-MMC dissector crash (wnpa-sec-2013-04, bug 8112)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1585.json"},{"CVE":"CVE-2013-1586","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906349","bugzilla_description":"CVE-2013-1586 wireshark: DTLS dissector crash (wnpa-sec-2013-05, bug 8111)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1586.json"},{"CVE":"CVE-2013-1587","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906350","bugzilla_description":"CVE-2013-1587 wireshark: ROHC dissector crash (wnpa-sec-2013-06, bug 7679)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1587.json"},{"CVE":"CVE-2013-1588","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906351","bugzilla_description":"CVE-2013-1588 wireshark: DCP-ETSI dissector crash (wnpa-sec-2013-07, bug 8213)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1588.json"},{"CVE":"CVE-2013-1589","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906353","bugzilla_description":"CVE-2013-1589 wireshark: Wireshark dissection engine invalid read / crash (wnpa-sec-2013-08, bug 8197)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1589.json"},{"CVE":"CVE-2013-1590","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906354","bugzilla_description":"CVE-2013-1590 wireshark: Buffer overflow in the NTLMSSP dissector (wnpa-sec-2013-09)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1590.json"},{"CVE":"CVE-2012-5602","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881701","bugzilla_description":"CVE-2012-5602 CVE-2012-6058 wireshark: DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5602.json"},{"CVE":"CVE-2012-6058","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881701","bugzilla_description":"CVE-2012-5602 CVE-2012-6058 wireshark: DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6058.json"},{"CVE":"CVE-2012-5601","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881706","bugzilla_description":"CVE-2012-5601 CVE-2012-6055 wireshark: DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5601.json"},{"CVE":"CVE-2012-6055","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881706","bugzilla_description":"CVE-2012-5601 CVE-2012-6055 wireshark: DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6055.json"},{"CVE":"CVE-2012-5600","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881742","bugzilla_description":"CVE-2012-5600 CVE-2012-6062 wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5600.json"},{"CVE":"CVE-2012-6062","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881742","bugzilla_description":"CVE-2012-5600 CVE-2012-6062 wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6062.json"},{"CVE":"CVE-2012-5599","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881748","bugzilla_description":"CVE-2012-5599 CVE-2012-6061 wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5599.json"},{"CVE":"CVE-2012-6061","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881748","bugzilla_description":"CVE-2012-5599 CVE-2012-6061 wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6061.json"},{"CVE":"CVE-2012-5598","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881771","bugzilla_description":"CVE-2012-5598 CVE-2012-6060 wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5598.json"},{"CVE":"CVE-2012-6060","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881771","bugzilla_description":"CVE-2012-5598 CVE-2012-6060 wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6060.json"},{"CVE":"CVE-2012-5597","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"881790","bugzilla_description":"CVE-2012-5597 CVE-2012-6059 wireshark: DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5597.json"},{"CVE":"CVE-2012-6059","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"881790","bugzilla_description":"CVE-2012-5597 CVE-2012-6059 wireshark: DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6059.json"},{"CVE":"CVE-2012-5596","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881805","bugzilla_description":"CVE-2012-5596 CVE-2012-6057 wireshark: DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5596.json"},{"CVE":"CVE-2012-6057","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881805","bugzilla_description":"CVE-2012-5596 CVE-2012-6057 wireshark: DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6057.json"},{"CVE":"CVE-2012-5595","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881809","bugzilla_description":"CVE-2012-5595 CVE-2012-6056 wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5595.json"},{"CVE":"CVE-2012-6056","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881809","bugzilla_description":"CVE-2012-5595 CVE-2012-6056 wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6056.json"},{"CVE":"CVE-2012-5594","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881816","bugzilla_description":"CVE-2012-5594 CVE-2012-6054 wireshark: DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5594.json"},{"CVE":"CVE-2012-6054","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881816","bugzilla_description":"CVE-2012-5594 CVE-2012-6054 wireshark: DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6054.json"},{"CVE":"CVE-2012-5593","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881822","bugzilla_description":"CVE-2012-5593 CVE-2012-6053 wireshark: DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5593.json"},{"CVE":"CVE-2012-6053","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881822","bugzilla_description":"CVE-2012-5593 CVE-2012-6053 wireshark: DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6053.json"},{"CVE":"CVE-2012-5592","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881855","bugzilla_description":"CVE-2012-5592 CVE-2012-6052 wireshark: pcap-ng hostname disclosure (wnpa-sec-2012-30)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5592.json"},{"CVE":"CVE-2012-6052","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881855","bugzilla_description":"CVE-2012-5592 CVE-2012-6052 wireshark: pcap-ng hostname disclosure (wnpa-sec-2012-30)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6052.json"},{"CVE":"CVE-2012-5237","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862504","bugzilla_description":"CVE-2012-5237 wireshark: Infinite loop in the HSRP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5237.json"},{"CVE":"CVE-2012-5238","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862507","bugzilla_description":"CVE-2012-5238 wireshark: Application abort due to wrong variable type in PPP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5238.json"},{"CVE":"CVE-2012-5239","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862508","bugzilla_description":"CVE-2012-5239 wireshark: Infinite loop in the DRDA dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5239.json"},{"CVE":"CVE-2012-5240","severity":"moderate","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862510","bugzilla_description":"CVE-2012-5240 wireshark: Stack-based buffer overflow in the LDP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5240.json"},{"CVE":"CVE-2012-3548","severity":"low","public_date":"2012-08-21T00:00:00Z","advisories":[],"bugzilla":"849926","bugzilla_description":"CVE-2012-3548 wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3548.json"},{"CVE":"CVE-2012-4285","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848541","bugzilla_description":"CVE-2012-4285 wireshark: crash due to zero division in DCP ETSI dissector (wnpa-sec-2012-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4285.json"},{"CVE":"CVE-2012-4287","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848544","bugzilla_description":"CVE-2012-4287 wireshark: DoS via excessive CPU consumption in MongoDB dissector (wnpa-sec-2012-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4287.json"},{"CVE":"CVE-2012-4288","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"848548","bugzilla_description":"CVE-2012-4288 wireshark: DoS via excessive resource consumption in XTP dissector (wnpa-sec-2012-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4288.json"},{"CVE":"CVE-2012-4294","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848554","bugzilla_description":"CVE-2012-4294 CVE-2012-4295 wireshark: buffer overflow in ERF dissector (wnpa-sec-2012-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4294.json"},{"CVE":"CVE-2012-4295","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848554","bugzilla_description":"CVE-2012-4294 CVE-2012-4295 wireshark: buffer overflow in ERF dissector (wnpa-sec-2012-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4295.json"},{"CVE":"CVE-2012-4289","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848561","bugzilla_description":"CVE-2012-4289 wireshark: DoS via excessive CPU consumption in AFP dissector (wnpa-sec-2012-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4289.json"},{"CVE":"CVE-2012-4296","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848565","bugzilla_description":"CVE-2012-4296 wireshark: DoS via excessive CPU consumption in RTPS2 dissector (wnpa-sec-2012-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4296.json"},{"CVE":"CVE-2012-4297","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848568","bugzilla_description":"CVE-2012-4297 wireshark: buffer overflow in GSM RLC MAC dissector (wnpa-sec-2012-19)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4297.json"},{"CVE":"CVE-2012-4291","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848572","bugzilla_description":"CVE-2012-4291 wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4291.json"},{"CVE":"CVE-2012-4292","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"848575","bugzilla_description":"CVE-2012-4292 wireshark: crash in STUN dissector (wnpa-sec-2012-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4292.json"},{"CVE":"CVE-2012-4293","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848577","bugzilla_description":"CVE-2012-4293 wireshark: premature exit in EtherCAT Mailbox dissector (wnpa-sec-2012-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4293.json"},{"CVE":"CVE-2012-4290","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848578","bugzilla_description":"CVE-2012-4290 wireshark: DoS via excessive CPU consumption in CTDB dissector (wnpa-sec-2012-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4290.json"},{"CVE":"CVE-2012-4286","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848584","bugzilla_description":"CVE-2012-4286 wireshark: crash due to zero division in pcnap-ng file parser (wnpa-sec-2012-24)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4286.json"},{"CVE":"CVE-2012-4298","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848588","bugzilla_description":"CVE-2012-4298 wireshark: buffer overflow in Ixia IxVeriWave file parser (wnpa-sec-2012-25)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4298.json"},{"CVE":"CVE-2012-4048","severity":"moderate","public_date":"2012-07-22T00:00:00Z","advisories":[],"bugzilla":"842516","bugzilla_description":"CVE-2012-4048 wireshark: Out-of-bounds memory write in PPP dissector","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4048.json"},{"CVE":"CVE-2012-4049","severity":"low","public_date":"2012-07-22T00:00:00Z","advisories":[],"bugzilla":"842518","bugzilla_description":"CVE-2012-4049 wireshark: Excessive CPU usage in NFS dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4049.json"},{"CVE":"CVE-2012-2392","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"824411","bugzilla_description":"CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2392.json"},{"CVE":"CVE-2012-2393","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":[],"bugzilla":"824413","bugzilla_description":"CVE-2012-2393 wireshark: Memory allocation flaw in the DIAMETER dissector (wnpa-sec-2012-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2393.json"},{"CVE":"CVE-2012-2394","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":[],"bugzilla":"824419","bugzilla_description":"CVE-2012-2394 wireshark: Denial of service (crash) due memory alignment problem on SPARC and Itanium processors (wnpa-sec-2012-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2394.json"},{"CVE":"CVE-2012-3825","severity":"low","public_date":"2012-04-16T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"836960","bugzilla_description":"CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3825.json"},{"CVE":"CVE-2012-3826","severity":"low","public_date":"2012-04-16T00:00:00Z","advisories":[],"bugzilla":"836961","bugzilla_description":"CVE-2012-3826 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3826.json"},{"CVE":"CVE-2012-1596","severity":"low","public_date":"2012-02-11T00:00:00Z","advisories":[],"bugzilla":"807661","bugzilla_description":"CVE-2012-1596 wireshark: MP2T dissector memory allocation flaw","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1596.json"},{"CVE":"CVE-2012-1593","severity":"low","public_date":"2012-02-10T00:00:00Z","advisories":[],"bugzilla":"807611","bugzilla_description":"CVE-2012-1593 wireshark: NULL pointer dereference in ANSI A dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1593.json"},{"CVE":"CVE-2012-1594","severity":"low","public_date":"2012-02-08T00:00:00Z","advisories":[],"bugzilla":"807624","bugzilla_description":"CVE-2012-1594 wireshark: Infinite loop in the IEEE 802.11 dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1594.json"},{"CVE":"CVE-2012-1595","severity":"moderate","public_date":"2012-02-07T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"807644","bugzilla_description":"CVE-2012-1595 wireshark: Heap-based buffer overflow when reading ERF packets from pcap/pcap-ng trace files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1595.json"},{"CVE":"CVE-2012-0041","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"773726","bugzilla_description":"CVE-2012-0041 wireshark: multiple file parser vulnerabilities (wnpa-sec-2012-01)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0041.json"},{"CVE":"CVE-2012-0042","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"773728","bugzilla_description":"CVE-2012-0042 wireshark: NULL pointer vulnerabilities (wnpa-sec-2012-02)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0042.json"},{"CVE":"CVE-2012-0043","severity":"moderate","public_date":"2012-01-10T00:00:00Z","advisories":[],"bugzilla":"773729","bugzilla_description":"CVE-2012-0043 wireshark: RLC dissector buffer overflow (wnpa-sec-2012-03)","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0043.json"},{"CVE":"CVE-2012-0066","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"783360","bugzilla_description":"CVE-2012-0066 Wireshark: Dos via large buffer allocation request","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0066.json"},{"CVE":"CVE-2012-0067","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"783363","bugzilla_description":"CVE-2012-0067 Wireshark: Dos due to integer overflow in IPTrace capture format parser","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0067.json"},{"CVE":"CVE-2012-0068","severity":"moderate","public_date":"2012-01-10T00:00:00Z","advisories":[],"bugzilla":"783370","bugzilla_description":"CVE-2012-0068 Wireshark: Heap-buffer underflow when parsing LANalyzer packet capture files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0068.json"},{"CVE":"CVE-2011-4102","severity":"moderate","public_date":"2011-10-21T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"750648","bugzilla_description":"CVE-2011-4102 wireshark: buffer overflow in the ERF file reader","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4102.json"},{"CVE":"CVE-2011-4101","severity":"low","public_date":"2011-10-20T00:00:00Z","advisories":[],"bugzilla":"750645","bugzilla_description":"CVE-2011-4101 wireshark: NULL pointer dereference in Infiniband dissector can cause a crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4101.json"},{"CVE":"CVE-2011-4100","severity":"low","public_date":"2011-09-16T00:00:00Z","advisories":[],"bugzilla":"750643","bugzilla_description":"CVE-2011-4100 wireshark: uninitialized variable in the CSN.1 dissector can cause a crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4100.json"},{"CVE":"CVE-2011-3266","severity":"low","public_date":"2011-07-28T00:00:00Z","advisories":[],"bugzilla":"732947","bugzilla_description":"CVE-2011-3266 Wireshark proto_tree_add_item DoS","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3266.json"},{"CVE":"CVE-2011-3360","severity":"low","public_date":"2011-07-28T00:00:00Z","advisories":[],"bugzilla":"737784","bugzilla_description":"CVE-2011-3360 Wireshark: Lua script execution vulnerability","cvss_score":4.1,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3360.json"},{"CVE":"CVE-2011-2698","severity":"low","public_date":"2011-06-20T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"723215","bugzilla_description":"CVE-2011-2698 wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2698.json"},{"CVE":"CVE-2011-1957","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"710021","bugzilla_description":"CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1957.json"},{"CVE":"CVE-2011-1959","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710039","bugzilla_description":"CVE-2011-1959 wireshark: Stack-based buffer over-read from tvbuff buffer when reading snoop capture files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1959.json"},{"CVE":"CVE-2011-2174","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"710097","bugzilla_description":"CVE-2011-2174 wireshark: Double-free flaw by uncompressing of a zlib compressed packet","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2174.json"},{"CVE":"CVE-2011-2175","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710109","bugzilla_description":"CVE-2011-2175 wireshark: Heap-based buffer over-read in Visual Networks dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2175.json"},{"CVE":"CVE-2011-1958","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710184","bugzilla_description":"CVE-2011-1958 wireshark (64bit): NULL pointer dereference by processing of a corrupted Diameter dictionary file","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1958.json"},{"CVE":"CVE-2011-2597","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"719753","bugzilla_description":"CVE-2011-2597 wireshark: infinite loop DoS in lucent/ascend file parser","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2597.json"},{"CVE":"CVE-2011-1590","severity":"moderate","public_date":"2011-04-15T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"697741","bugzilla_description":"CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1590.json"},{"CVE":"CVE-2011-0024","severity":"moderate","public_date":"2011-03-21T00:00:00Z","advisories":["RHSA-2011:0370"],"bugzilla":"671331","bugzilla_description":"CVE-2011-0024 wireshark: heap-based buffer overflow in wireshark < 1.2 when reading malformed capture files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0024.json"},{"CVE":"CVE-2011-1139","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681748","bugzilla_description":"CVE-2011-1139 Wireshark: Denial Of Service (application crash) via a pcap-ng file that contains a large packet-length field","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1139.json"},{"CVE":"CVE-2011-1138","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":[],"bugzilla":"681753","bugzilla_description":"CVE-2011-1138 Wireshark: Off-by-one error in the dissect_6lowpan_iphc function causes application crash (Denial Of Service)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1138.json"},{"CVE":"CVE-2011-1140","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681754","bugzilla_description":"CVE-2011-1140 Wireshark: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1140.json"},{"CVE":"CVE-2011-1141","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681756","bugzilla_description":"CVE-2011-1141 Wireshark: Malformed LDAP filter string causes Denial of Service via excessive memory consumption","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1141.json"},{"CVE":"CVE-2011-1142","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":[],"bugzilla":"681758","bugzilla_description":"CVE-2011-1142 Wireshark: Stack consumption vulnerability in BER dissector can cause DoS","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1142.json"},{"CVE":"CVE-2011-1143","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2011:0370"],"bugzilla":"681760","bugzilla_description":"CVE-2011-1143 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1143.json"},{"CVE":"CVE-2011-0713","severity":"moderate","public_date":"2011-02-16T00:00:00Z","advisories":["RHSA-2011:0369"],"bugzilla":"678198","bugzilla_description":"CVE-2011-0713 Wireshark: heap-based buffer overflow when reading malformed Nokia DCT3 phone signalling traces","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0713.json"},{"CVE":"CVE-2011-0538","severity":"low","public_date":"2011-02-03T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"676232","bugzilla_description":"CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0538.json"},{"CVE":"CVE-2011-0444","severity":"moderate","public_date":"2011-01-11T00:00:00Z","advisories":["RHSA-2011:0369"],"bugzilla":"669441","bugzilla_description":"CVE-2011-0444 wireshark: buffer overflow in MAC-LTE disector (upstream bug #5530)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P/","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0444.json"},{"CVE":"CVE-2011-0445","severity":"moderate","public_date":"2011-01-11T00:00:00Z","advisories":[],"bugzilla":"669443","bugzilla_description":"CVE-2011-0445 wireshark: DoS via crafted packets to ASN.1 BER dissector (upstream bug #5537)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P/","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0445.json"},{"CVE":"CVE-2010-4538","severity":"moderate","public_date":"2010-12-31T00:00:00Z","advisories":["RHSA-2011:0013"],"bugzilla":"666894","bugzilla_description":"CVE-2010-4538 Wireshark: Stack-based array index error in ENTTEC dissector (upstream bug #5539)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.3","wireshark-0:1.0.15-1.el5_5.3","wireshark-0:1.2.13-1.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4538.json"},{"CVE":"CVE-2010-4301","severity":"low","public_date":"2010-11-18T00:00:00Z","advisories":[],"bugzilla":"656437","bugzilla_description":"CVE-2010-4301 Wireshark: Infinite loop in Zigbee ZCL dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P/","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4301.json"},{"CVE":"CVE-2010-4300","severity":"moderate","public_date":"2010-11-18T00:00:00Z","advisories":["RHSA-2010:0924"],"bugzilla":"656456","bugzilla_description":"CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector","cvss_score":4.9,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.13-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4300.json"},{"CVE":"CVE-2010-3445","severity":"low","public_date":"2010-09-13T00:00:00Z","advisories":["RHSA-2010:0924","RHSA-2011:0370"],"bugzilla":"639486","bugzilla_description":"CVE-2010-3445 wireshark: stack overflow in BER dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4","wireshark-0:1.2.13-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3445.json"},{"CVE":"CVE-2010-2283","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604290","bugzilla_description":"CVE-2010-2283 wireshark: SMB dissector NULL pointer dereference","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2283.json"},{"CVE":"CVE-2010-2284","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604292","bugzilla_description":"CVE-2010-2284 wireshark: ASN.1 BER dissector stack overrun","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2284.json"},{"CVE":"CVE-2010-2285","severity":null,"public_date":"2010-06-09T00:00:00Z","advisories":[],"bugzilla":"604299","bugzilla_description":"CVE-2010-2285 wireshark: SMB PIPE dissector NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2285.json"},{"CVE":"CVE-2010-2286","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604302","bugzilla_description":"CVE-2010-2286 wireshark: SigComp UDVM dissector infinite loop","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2286.json"},{"CVE":"CVE-2010-2287","severity":"moderate","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604308","bugzilla_description":"CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2287.json"},{"CVE":"CVE-2010-2995","severity":"moderate","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604308","bugzilla_description":"CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2995.json"},{"CVE":"CVE-2010-1455","severity":"low","public_date":"2010-05-05T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"590613","bugzilla_description":"CVE-2010-1455 wireshark: DOCSIS dissector crash","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1455.json"},{"CVE":"CVE-2010-0304","severity":"moderate","public_date":"2010-01-27T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"559793","bugzilla_description":"CVE-2010-0304 wireshark: crash in LWRES dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0304.json"},{"CVE":"CVE-2009-4377","severity":"moderate","public_date":"2009-12-17T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"549578","bugzilla_description":"CVE-2009-4377 wireshark: invalid pointer dereference in SMB/SMB2 dissectors","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4377.json"},{"CVE":"CVE-2009-3550","severity":"low","public_date":"2009-10-27T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"531260","bugzilla_description":"CVE-2009-3550 Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3550.json"},{"CVE":"CVE-2009-3829","severity":"low","public_date":"2009-10-05T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"532479","bugzilla_description":"CVE-2009-3829 wireshark: unsigned integer wrap vulnerability in ERF reader (VU#676492)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3829.json"},{"CVE":"CVE-2009-2562","severity":"moderate","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"512987","bugzilla_description":"CVE-2009-2562 Wireshark: Integer overflow in the AFS dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2562.json"},{"CVE":"CVE-2009-2563","severity":"low","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"512992","bugzilla_description":"CVE-2009-2563 Wireshark: Null-ptr dereference in the InfiniBand dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2563.json"},{"CVE":"CVE-2009-2560","severity":"low","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"513008","bugzilla_description":"CVE-2009-2560 Wireshark: various flaws in a) RADIUS, b) Bluetooth L2CAP, c) MIOP dissectors (DoS)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2560.json"},{"CVE":"CVE-2009-1829","severity":"low","public_date":"2009-05-21T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"501929","bugzilla_description":"CVE-2009-1829 wireshark: PCNFSD dissector crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1829.json"},{"CVE":"CVE-2009-1268","severity":"low","public_date":"2009-04-08T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"495119","bugzilla_description":"CVE-2009-1268 Wireshark CHAP dissector crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1268.json"},{"CVE":"CVE-2009-1269","severity":"low","public_date":"2009-04-08T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"495121","bugzilla_description":"CVE-2009-1269 Wireshark Tektronix .rf5 file crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1269.json"},{"CVE":"CVE-2009-1210","severity":"moderate","public_date":"2009-03-30T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"493973","bugzilla_description":"CVE-2009-1210 wireshark: format string in PROFINET dissector","cvss_score":5.8,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1210.json"},{"CVE":"CVE-2009-0599","severity":"moderate","public_date":"2009-02-06T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"485888","bugzilla_description":"CVE-2009-0599 wireshark: buffer overflows in NetScreen snoop file reader","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0599.json"},{"CVE":"CVE-2009-0600","severity":"low","public_date":"2009-02-06T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"485889","bugzilla_description":"CVE-2009-0600 wireshark: denial of service (application crash) via a crafted Tektronix K12 text capture file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0600.json"},{"CVE":"CVE-2008-6472","severity":"low","public_date":"2008-12-08T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"490370","bugzilla_description":"CVE-2008-6472 wireshark: DoS vulnerability in WLCCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-6472.json"},{"CVE":"CVE-2008-5285","severity":"low","public_date":"2008-11-22T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"472737","bugzilla_description":"CVE-2008-5285 wireshark: DoS (infinite loop) in SMTP dissector via large SMTP request","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5285.json"},{"CVE":"CVE-2008-4681","severity":"low","public_date":"2008-10-20T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468167","bugzilla_description":"CVE-2008-4681 wireshark: DoS (app crash or abort) in Bluetooth RFCOMM dissector via unknown packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4681.json"},{"CVE":"CVE-2008-4680","severity":"low","public_date":"2008-10-01T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468166","bugzilla_description":"CVE-2008-4680 wireshark: DoS (app crash or abort) via malformed USB Request Block (URB).","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4680.json"},{"CVE":"CVE-2008-4682","severity":"low","public_date":"2008-10-01T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468169","bugzilla_description":"CVE-2008-4682 wireshark: DoS (app abort) via a malformed .ncf file with an unknown/unexpected packet type","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4682.json"},{"CVE":"CVE-2008-4685","severity":"low","public_date":"2008-09-13T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468175","bugzilla_description":"CVE-2008-4685 wireshark: DoS (app crash or abort) in Q.931 dissector via certain packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4685.json"},{"CVE":"CVE-2008-3146","severity":"moderate","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461242","bugzilla_description":"CVE-2008-3146 wireshark: multiple buffer overflows in NCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3146.json"},{"CVE":"CVE-2008-3932","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461243","bugzilla_description":"CVE-2008-3932 wireshark: infinite loop in the NCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3932.json"},{"CVE":"CVE-2008-3933","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461244","bugzilla_description":"CVE-2008-3933 wireshark: crash triggered by zlib-compressed packet data","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3933.json"},{"CVE":"CVE-2008-3934","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461245","bugzilla_description":"CVE-2008-3934 wireshark: crash via crafted Tektronix .rf5 file","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3934.json"},{"CVE":"CVE-2008-3145","severity":"low","public_date":"2008-07-10T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454984","bugzilla_description":"CVE-2008-3145 wireshark: crash in the packet reassembling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3145.json"},{"CVE":"CVE-2008-3137","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454970","bugzilla_description":"CVE-2008-3137 wireshark: crash in the GSM SMS dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3137.json"},{"CVE":"CVE-2008-3138","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454971","bugzilla_description":"CVE-2008-3138 wireshark: unexpected exit in the PANA and KISMET dissectors","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3138.json"},{"CVE":"CVE-2008-3141","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454975","bugzilla_description":"CVE-2008-3141 wireshark: memory disclosure in the RMI dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3141.json"},{"CVE":"CVE-2008-4684","severity":"low","public_date":"2008-05-16T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468174","bugzilla_description":"CVE-2008-4684 wireshark: DoS (app crash) via certain series of packets by enabling the (1) PRP or (2) MATE post dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4684.json"},{"CVE":"CVE-2008-1563","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"439943","bugzilla_description":"CVE-2008-1563 wireshark: crash in SCCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1563.json"},{"CVE":"CVE-2008-1561","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"440014","bugzilla_description":"CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1561.json"},{"CVE":"CVE-2008-1562","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"440015","bugzilla_description":"CVE-2008-1562 wireshark: crash in LDAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1562.json"},{"CVE":"CVE-2007-3393","severity":"low","public_date":"2007-05-26T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246221","bugzilla_description":"CVE-2007-3393 Wireshark corrupts the stack when inspecting BOOTP traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3393.json"},{"CVE":"CVE-2008-4683","severity":"moderate","public_date":"2007-04-04T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468171","bugzilla_description":"CVE-2008-4683 wireshark: DoS (app crash or abort) in Bluetooth ACL dissector via a packet with an invalid length","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4683.json"},{"CVE":"CVE-2007-3391","severity":"low","public_date":"2007-03-10T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"245797","bugzilla_description":"CVE-2007-3391 Wireshark loops infinitely when inspecting DCP ETSI traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3391.json"},{"CVE":"CVE-2007-3390","severity":"low","public_date":"2007-03-05T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246225","bugzilla_description":"CVE-2007-3390 Wireshark crashes when inspecting iSeries traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3390.json"},{"CVE":"CVE-2008-1070","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435481","bugzilla_description":"CVE-2008-1070 wireshark: SCTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1070.json"},{"CVE":"CVE-2008-1071","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435482","bugzilla_description":"CVE-2008-1071 wireshark: SNMP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1071.json"},{"CVE":"CVE-2008-1072","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435483","bugzilla_description":"CVE-2008-1072 wireshark: TFTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1072.json"},{"CVE":"CVE-2007-3389","severity":"low","public_date":"2007-02-22T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"245796","bugzilla_description":"CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3389.json"},{"CVE":"CVE-2007-3392","severity":"low","public_date":"2007-02-17T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246229","bugzilla_description":"CVE-2007-3392 Wireshark crashes when inspecting MMS traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3392.json"},{"CVE":"CVE-2007-0456","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0456.json"},{"CVE":"CVE-2007-0457","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0457.json"},{"CVE":"CVE-2007-0458","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0458.json"},{"CVE":"CVE-2007-0459","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0459.json"},{"CVE":"CVE-2006-4574","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618197","bugzilla_description":"CVE-2006-4574 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4574.json"},{"CVE":"CVE-2006-4805","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618202","bugzilla_description":"CVE-2006-4805 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4805.json"},{"CVE":"CVE-2006-5468","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618215","bugzilla_description":"CVE-2006-5468 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5468.json"},{"CVE":"CVE-2006-5469","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618216","bugzilla_description":"CVE-2006-5469 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5469.json"},{"CVE":"CVE-2006-5740","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618222","bugzilla_description":"CVE-2006-5740 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5740.json"},{"CVE":"CVE-2006-4330","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618178","bugzilla_description":"CVE-2006-4330 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4330.json"},{"CVE":"CVE-2006-4331","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618179","bugzilla_description":"CVE-2006-4331 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4331.json"},{"CVE":"CVE-2006-4333","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618180","bugzilla_description":"CVE-2006-4333 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4333.json"},{"CVE":"CVE-2006-3627","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618146","bugzilla_description":"CVE-2006-3627 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3627.json"},{"CVE":"CVE-2006-3628","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618147","bugzilla_description":"CVE-2006-3628 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3628.json"},{"CVE":"CVE-2006-3629","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618148","bugzilla_description":"CVE-2006-3629 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3629.json"},{"CVE":"CVE-2006-3630","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618149","bugzilla_description":"CVE-2006-3630 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3630.json"},{"CVE":"CVE-2006-3631","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618150","bugzilla_description":"CVE-2006-3631 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3631.json"},{"CVE":"CVE-2006-3632","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618151","bugzilla_description":"CVE-2006-3632 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3632.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arptables_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arptables_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arptables_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arpwatch_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arpwatch_security_api_results.json new file mode 100644 index 0000000..7435537 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/arpwatch_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-2653","severity":"moderate","public_date":"2012-05-24T00:00:00Z","advisories":[],"bugzilla":"825328","bugzilla_description":"CVE-2012-2653 arpwatch: fails to drop supplementary groups","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2653.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-atk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at-spi2-core_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at_security_api_results.json new file mode 100644 index 0000000..70dddac --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/at_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15157","severity":"moderate","public_date":"2020-10-15T00:00:00Z","advisories":[],"bugzilla":"1888248","bugzilla_description":"CVE-2020-15157 containerd: credentials leak during image pull","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15157.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-8563","severity":"moderate","public_date":"2020-10-14T00:00:00Z","advisories":[],"bugzilla":"1886635","bugzilla_description":"CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8563.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.3"},{"CVE":"CVE-2020-8564","severity":"moderate","public_date":"2020-10-14T00:00:00Z","advisories":[],"bugzilla":"1886637","bugzilla_description":"CVE-2020-8564 kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8564.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-8565","severity":"moderate","public_date":"2020-10-14T00:00:00Z","advisories":[],"bugzilla":"1886638","bugzilla_description":"CVE-2020-8565 kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8565.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-8566","severity":"moderate","public_date":"2020-10-14T00:00:00Z","advisories":[],"bugzilla":"1886640","bugzilla_description":"CVE-2020-8566 kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8566.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-13943","severity":"moderate","public_date":"2020-10-12T00:00:00Z","advisories":[],"bugzilla":"1887648","bugzilla_description":"CVE-2020-13943 tomcat: Apache Tomcat HTTP/2 Request mix-up","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13943.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-26945","severity":"moderate","public_date":"2020-10-10T00:00:00Z","advisories":[],"bugzilla":"1887257","bugzilla_description":"CVE-2020-26945 mybatis: mishandles deserialization of object streams which could result in remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26945.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2020-8264","severity":"important","public_date":"2020-10-07T00:00:00Z","advisories":[],"bugzilla":"1886554","bugzilla_description":"CVE-2020-8264 rubygem-actionpack: possible XSS vulnerability in Action Pack in development mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8264.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","cvss3_score":"7.7"},{"CVE":"CVE-2020-7743","severity":"moderate","public_date":"2020-10-07T00:00:00Z","advisories":[],"bugzilla":"1887999","bugzilla_description":"CVE-2020-7743 mathjs: prototype pollution via the deepExtend function that runs upon configuration updates","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2020-10763","severity":"moderate","public_date":"2020-09-30T00:00:00Z","advisories":["RHSA-2020:4143"],"bugzilla":"1845387","bugzilla_description":"CVE-2020-10763 heketi: gluster-block volume password details available in logs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-532","affected_packages":["heketi-0:9.0.0-9.5.el7rhgs"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10763.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-25644","severity":"important","public_date":"2020-09-22T00:00:00Z","advisories":["RHSA-2020:4257","RHSA-2020:4256"],"bugzilla":"1885485","bugzilla_description":"CVE-2020-25644 wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el8eap","eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el6eap","eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el7eap"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25644.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-24750","severity":"important","public_date":"2020-09-18T00:00:00Z","advisories":["RHSA-2020:4173"],"bugzilla":"1882310","bugzilla_description":"CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["rh-maven35-jackson-databind-0:2.7.6-2.11.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24750.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-26160","severity":"moderate","public_date":"2020-09-15T00:00:00Z","advisories":[],"bugzilla":"1883371","bugzilla_description":"CVE-2020-26160 jwt-go: access restriction bypass vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26160.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-1968","severity":"low","public_date":"2020-09-09T00:00:00Z","advisories":[],"bugzilla":"1877458","bugzilla_description":"CVE-2020-1968 openssl: Information exposure when DH secret are reused across multiple TLS connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1968.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2020-15169","severity":"moderate","public_date":"2020-09-09T00:00:00Z","advisories":[],"bugzilla":"1877566","bugzilla_description":"CVE-2020-15169 rubygem-activeview: Cross-site scripting in translation helpers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15169.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-14384","severity":"important","public_date":"2020-09-03T00:00:00Z","advisories":["RHSA-2020:3731","RHSA-2020:3730"],"bugzilla":"1875176","bugzilla_description":"CVE-2020-14384 jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7","jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5","jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14384.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14380","severity":"important","public_date":"2020-08-31T02:44:00Z","advisories":[],"bugzilla":"1873926","bugzilla_description":"CVE-2020-14380 Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14380.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-24616","severity":"important","public_date":"2020-08-25T00:00:00Z","advisories":[],"bugzilla":"1872707","bugzilla_description":"CVE-2020-24616 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-96","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24616.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-14364","severity":"important","public_date":"2020-08-24T12:00:00Z","advisories":["RHSA-2020:4049","RHSA-2020:4115","RHSA-2020:4048","RHSA-2020:4059","RHSA-2020:4047","RHSA-2020:4058","RHSA-2020:4079","RHSA-2020:4167","RHSA-2020:4056","RHSA-2020:4078","RHSA-2020:4111","RHSA-2020:4055","RHSA-2020:4176","RHSA-2020:4054","RHSA-2020:4053","RHSA-2020:4052","RHSA-2020:4162","RHSA-2020:4051","RHSA-2020:4172","RHSA-2020:4050","RHSA-2020:4291","RHSA-2020:4290"],"bugzilla":"1869201","bugzilla_description":"CVE-2020-14364 QEMU: usb: out-of-bounds r/w access issue while processing usb packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-787","affected_packages":["qemu-kvm-10:1.5.3-105.el7_2.20","qemu-kvm-rhev-10:2.12.0-33.el7_7.12","qemu-kvm-10:1.5.3-175.el7_9.1","qemu-kvm-10:1.5.3-160.el7_6.8","qemu-kvm-10:1.5.3-141.el7_4.11","qemu-kvm-ma-10:2.12.0-33.el7_7.4","qemu-kvm-rhev-10:2.12.0-18.el7_6.12","qemu-kvm-2:0.12.1.2-2.448.el6_6.9","virt:rhel-8000020200910175113.f8e95b4e","qemu-kvm-ma-10:2.12.0-18.el7_6.7","qemu-kvm-10:1.5.3-167.el7_7.7","qemu-kvm-2:0.12.1.2-2.506.el6_10.8","qemu-kvm-2:0.12.1.2-2.415.el6_5.21","qemu-kvm-ma-10:2.12.0-48.el7_9.1","virt:rhel-8020020200909224913.4cda2c84","qemu-kvm-rhev-10:2.12.0-48.el7_9.1","qemu-kvm-10:1.5.3-126.el7_3.18","redhat-virtualization-host-0:4.4.2-20200930.0.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2020-10758","severity":"important","public_date":"2020-08-18T00:00:00Z","advisories":["RHSA-2020:3501","RHSA-2020:3496","RHSA-2020:3497","RHSA-2020:3495","RHSA-2020:3539"],"bugzilla":"1843849","bugzilla_description":"CVE-2020-10758 keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el6sso","rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el7sso","rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el8sso"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10758.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14352","severity":"important","public_date":"2020-08-13T00:00:00Z","advisories":["RHSA-2020:3749","RHBA-2020:3609","RHSA-2020:3658","RHSA-2020:3756"],"bugzilla":"1866498","bugzilla_description":"CVE-2020-14352 librepo: missing path validation in repomd.xml may lead to directory traversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["librepo-0:1.9.2-2.el8_0","librepo-0:1.10.3-4.el8_1","redhat-coreos-43.82.202009181853.0","librepo-0:1.11.0-3.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14352.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2020-8911","severity":"moderate","public_date":"2020-08-11T00:00:00Z","advisories":[],"bugzilla":"1869800","bugzilla_description":"CVE-2020-8911 aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8911.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2020-8912","severity":"low","public_date":"2020-08-11T00:00:00Z","advisories":[],"bugzilla":"1869801","bugzilla_description":"CVE-2020-8912 aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8912.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2020-1710","severity":"important","public_date":"2020-08-06T00:00:00Z","advisories":["RHSA-2020:3501","RHSA-2020:3642","RHSA-2020:3463","RHSA-2020:3464","RHSA-2020:3461","RHSA-2020:3462","RHSA-2020:3638","RHSA-2020:3539","RHSA-2020:3639","RHSA-2020:3779","RHSA-2020:3637"],"bugzilla":"1793970","bugzilla_description":"CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-74->CWE-113","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-16845","severity":"moderate","public_date":"2020-08-06T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:4214","RHSA-2020:4201"],"bugzilla":"1867099","bugzilla_description":"CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["container-native-virtualization/kubevirt-ssp-operator:v2.4.2-2","container-native-virtualization/virt-api:v2.4.2-1","go-toolset-1.13-golang-0:1.13.15-3.el7","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16845.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-24553","severity":"moderate","public_date":"2020-08-01T00:00:00Z","advisories":[],"bugzilla":"1874857","bugzilla_description":"CVE-2020-24553 golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-16117","severity":"low","public_date":"2020-07-30T00:00:00Z","advisories":[],"bugzilla":"1862125","bugzilla_description":"CVE-2020-16117 evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16117.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2020-10713","severity":"moderate","public_date":"2020-07-29T17:00:00Z","advisories":["RHSA-2020:3223","RHSA-2020:4115","RHSA-2020:3276","RHSA-2020:3274","RHSA-2020:3275","RHSA-2020:3273","RHSA-2020:3271","RHSA-2020:4172","RHSA-2020:3216","RHSA-2020:3227","RHSA-2020:3217"],"bugzilla":"1825243","bugzilla_description":"CVE-2020-10713 grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787->CWE-78","affected_packages":["grub2-1:2.02-0.86.el7_8","fwupd-0:1.1.4-7.el8_2","fwupdate-0:12-6.el7_8","grub2-1:2.02-87.el8_2","shim-0:15-14.el8_2","shim-0:15-7.el7_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.2"},{"CVE":"CVE-2020-14334","severity":"important","public_date":"2020-07-28T13:30:00Z","advisories":["RHSA-2020:4127"],"bugzilla":"1858284","bugzilla_description":"CVE-2020-14334 foreman: unauthorized cache read on RPM-based installations through local user","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["foreman-0:1.24.1.28-3.el7sat"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14334.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-10731","severity":"important","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3410","RHSA-2020:3199","RHSA-2020:3406"],"bugzilla":"1831544","bugzilla_description":"CVE-2020-10731 openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284->CWE-1220","affected_packages":["openstack-tripleo-heat-templates-0:11.3.2-0.20200405044628.ec9970c.el8ost","openstack-tripleo-heat-templates-0:10.6.3-0.20200113185561.cf467ea.el8ost","openstack-tripleo-heat-templates-0:11.3.2-0.20200616081532.396affd.el8ost"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10731.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"9.9"},{"CVE":"CVE-2020-10715","severity":"low","public_date":"2020-07-27T00:00:00Z","advisories":["RHSA-2020:2992"],"bugzilla":"1767665","bugzilla_description":"CVE-2020-10715 openshift/console: text injection on error page via crafted url","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["atomic-openshift-web-console-0:3.11.248-1.git.1.cc96c2d.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10715.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2020-8557","severity":"moderate","public_date":"2020-07-15T00:00:00Z","advisories":["RHSA-2020:3520","RHSA-2020:3809","RHSA-2020:3808","RHSA-2020:3580","RHSA-2020:3519","RHSA-2020:3579"],"bugzilla":"1835977","bugzilla_description":"CVE-2020-8557 kubernetes: Node disk DOS by writing to container /etc/hosts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["openshift-0:4.3.37-202009120213.p0.git.0.dffefe4.el8","openshift4/ose-hyperkube:v4.4.0-202008250319.p0","openshift4/ose-hyperkube:v4.3.37-202009151447.p0","openshift4/ose-hyperkube:v4.5.0-202008130146.p0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-8559","severity":"moderate","public_date":"2020-07-15T00:00:00Z","advisories":[],"bugzilla":"1851422","bugzilla_description":"CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2020-13935","severity":"important","public_date":"2020-07-15T00:00:00Z","advisories":["RHSA-2020:3303","RHSA-2020:4004","RHSA-2020:3382","RHSA-2020:3383","RHSA-2020:3806","RHSA-2020:3308","RHSA-2020:3306","RHSA-2020:3305"],"bugzilla":"1857024","bugzilla_description":"CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["jws5-tomcat-0:9.0.30-5.redhat_6.1.el6jws","tomcat-0:7.0.76-15.el7","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el7","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el5","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el6","jws5-tomcat-0:9.0.30-5.redhat_6.1.el8jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13934","severity":"important","public_date":"2020-07-15T00:00:00Z","advisories":["RHSA-2020:3806","RHSA-2020:3308","RHSA-2020:3306"],"bugzilla":"1857040","bugzilla_description":"CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["jws5-tomcat-0:9.0.30-5.redhat_6.1.el6jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el8jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15586","severity":"moderate","public_date":"2020-07-14T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:4214","RHSA-2020:4201"],"bugzilla":"1856953","bugzilla_description":"CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["container-native-virtualization/kubevirt-ssp-operator:v2.4.2-2","container-native-virtualization/virt-api:v2.4.2-1","go-toolset-1.13-golang-0:1.13.15-3.el7","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2020-14336","severity":"low","public_date":"2020-07-13T00:00:00Z","advisories":[],"bugzilla":"1858981","bugzilla_description":"CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14336.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2020-8558","severity":"moderate","public_date":"2020-07-08T00:00:00Z","advisories":["RHSA-2020:2412","RHSA-2020:2992","RHSA-2020:2927","RHSA-2020:3184","RHSA-2020:2926","RHSA-2020:3183","RHSA-2020:2413"],"bugzilla":"1843358","bugzilla_description":"CVE-2020-8558 kubernetes: node localhost services reachable via martian packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-300","affected_packages":["openshift-0:4.5.0-202007012112.p0.git.0.582d7fc.el7","atomic-openshift-0:3.11.248-1.git.0.92ee8ac.el7","openshift4/ose-hyperkube:v4.4.0-202007120152.p0","openshift4/ose-console:v4.5.0-202007012112.p0","openshift4/ose-hyperkube:v4.3.31-202007272153.p0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8558.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2020-14313","severity":"moderate","public_date":"2020-07-06T00:00:00Z","advisories":["RHSA-2020:3525"],"bugzilla":"1853026","bugzilla_description":"CVE-2020-14313 quay: build triggers can disclose robot account names and existence of private repos within namespaces","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["quay/quay-rhel8-operator:v3.3.1-4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14313.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-14928","severity":"low","public_date":"2020-07-04T00:00:00Z","advisories":[],"bugzilla":"1857470","bugzilla_description":"CVE-2020-14928 evolution-data-server: Response Injection via STARTTLS in SMTP and POP3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14928.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-14306","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:2795"],"bugzilla":"1850380","bugzilla_description":"CVE-2020-14306 openshift-service-mesh/istio-rhel8-operator: control plane can deploy gateway image to any namespace","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-648","affected_packages":["servicemesh-operator-0:1.1.4-3.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14306.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-8022","severity":"moderate","public_date":"2020-06-29T00:00:00Z","advisories":[],"bugzilla":"1852863","bugzilla_description":"CVE-2020-8022 tomcat: /usr/lib/tmpfiles.d/tomcat.conf is group-writable","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.7"},{"CVE":"CVE-2020-11996","severity":"moderate","public_date":"2020-06-25T00:00:00Z","advisories":[],"bugzilla":"1851420","bugzilla_description":"CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14316","severity":"important","public_date":"2020-06-23T00:00:00Z","advisories":["RHSA-2020:3194"],"bugzilla":"1848951","bugzilla_description":"CVE-2020-14316 kubevirt: VMIs can be used to access host files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["container-native-virtualization/kubevirt-ssp-operator:v2.4.0-71","container-native-virtualization/virt-api:v2.4.0-58"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14316.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"9.9"},{"CVE":"CVE-2020-14040","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:3369","RHSA-2020:3578","RHSA-2020:4214","RHSA-2020:3783","RHSA-2020:3087","RHSA-2020:3780","RHSA-2020:3372","RHSA-2020:3727"],"bugzilla":"1853652","bugzilla_description":"CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift3/ose-docker-registry:v3.11.286-1","servicemesh-grafana-0:6.4.3-13.el8","distributed-tracing/jaeger-query-rhel7:1.17.5-3","kiali-0:v1.12.10.redhat2-1.el7","ior-0:1.1.6-1.el8","openshift4/ose-cluster-version-operator:v4.5.0-202008280601.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.5-3","distributed-tracing/jaeger-all-in-one-rhel7:1.17.5-3","distributed-tracing/jaeger-rhel7-operator:1.17.5-3","servicemesh-0:1.1.6-1.el8","servicemesh-cni-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift4/ose-cluster-network-operator:v4.4.0-202009120105.p0","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.5-3","openshift4/ose-cluster-svcat-controller-manager-operator:v4.5.0-202008280221.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202009112201.p0","distributed-tracing/jaeger-collector-rhel7:1.17.5-3","openshift4/ose-elasticsearch-operator:v4.5.0-202008310950.p0","servicemesh-operator-0:1.1.6-2.el8","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-17566","severity":"moderate","public_date":"2020-06-15T00:00:00Z","advisories":[],"bugzilla":"1848617","bugzilla_description":"CVE-2019-17566 batik: SSRF via \"xlink:href\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17566.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-8184","severity":"moderate","public_date":"2020-06-15T00:00:00Z","advisories":[],"bugzilla":"1849141","bugzilla_description":"CVE-2020-8184 rubygem-rack: percent-encoded cookies can be used to overwrite existing prefixed cookie names","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-807","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8184.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-15780","severity":"moderate","public_date":"2020-06-15T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:3222","RHSA-2020:3218","RHSA-2020:3219","RHSA-2020:3228"],"bugzilla":"1852962","bugzilla_description":"CVE-2020-15780 kernel: lockdown: bypass through ACPI write via acpi_configfs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["kernel-rt-0:4.18.0-193.14.3.rt13.67.el8_2","kernel-0:4.18.0-80.27.2.el8_0","kernel-0:4.18.0-147.24.2.el8_1","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-193.14.3.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15780.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2020-14195","severity":"important","public_date":"2020-06-14T00:00:00Z","advisories":["RHBA-2020:1494","RHSA-2020:3192","RHBA-2020:3255"],"bugzilla":"1848958","bugzilla_description":"CVE-2020-14195 jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["candlepin-0:2.6.16-1.el7sat"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14195.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-10752","severity":"moderate","public_date":"2020-06-10T00:00:00Z","advisories":[],"bugzilla":"1839942","bugzilla_description":"CVE-2020-10752 openshift/openshift-apiserver: oauthtokens leaked to logs on panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-522","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10752.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2020-5411","severity":"important","public_date":"2020-06-10T00:00:00Z","advisories":[],"bugzilla":"1862601","bugzilla_description":"CVE-2020-5411 spring-batch-core: Jackson configuration allows code execution with unknown serialization gadgets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5411.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-0543","severity":"moderate","public_date":"2020-06-09T17:00:00Z","advisories":["RHSA-2020:2433","RHSA-2020:2431","RHSA-2020:2432","RHSA-2020:2771","RHSA-2020:2680","RHSA-2020:2706","RHSA-2020:2758","RHSA-2020:2679","RHSA-2020:2757","RHSA-2020:2842","RHSA-2020:2677","RHBA-2020:3180","RHSA-2020:2707"],"bugzilla":"1827165","bugzilla_description":"CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["microcode_ctl-4:20190618-1.20200609.1.el8_1","redhat-coreos-43.82.202007300301.0","microcode_ctl-2:1.17-19.29.el6_6","microcode_ctl-4:20191115-4.20200602.2.el8_2","microcode_ctl-2:1.17-33.26.el6_10","microcode_ctl-2:2.1-12.30.el7_2","microcode_ctl-4:20180807a-2.20200609.1.el8_0","microcode_ctl-2:2.1-47.14.el7_6","microcode_ctl-2:2.1-53.9.el7_7","microcode_ctl-2:2.1-61.6.el7_8","microcode_ctl-2:1.17-17.31.el6_5","microcode_ctl-2:2.1-16.33.el7_3","microcode_ctl-2:2.1-22.32.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0543.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2020-10766","severity":"important","public_date":"2020-06-09T17:00:00Z","advisories":["RHSA-2020:3016","RHBA-2020:3180","RHSA-2020:3222","RHSA-2020:3010","RHSA-2020:3297","RHSA-2020:3041","RHSA-2020:3073"],"bugzilla":"1845840","bugzilla_description":"CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-440","affected_packages":["kernel-0:4.18.0-147.24.2.el8_1","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-80.27.1.el8_0","kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2","kernel-0:4.18.0-193.13.2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10766.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-10767","severity":"important","public_date":"2020-06-09T14:00:00Z","advisories":["RHSA-2020:3016","RHBA-2020:3180","RHSA-2020:3222","RHSA-2020:3010","RHSA-2020:3297","RHSA-2020:3041","RHSA-2020:3073"],"bugzilla":"1845867","bugzilla_description":"CVE-2020-10767 kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-440","affected_packages":["kernel-0:4.18.0-147.24.2.el8_1","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-80.27.1.el8_0","kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2","kernel-0:4.18.0-193.13.2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10767.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-10768","severity":"important","public_date":"2020-06-09T14:00:00Z","advisories":["RHSA-2020:3016","RHBA-2020:3180","RHSA-2020:3222","RHSA-2020:3010","RHSA-2020:3297","RHSA-2020:3041","RHSA-2020:3073"],"bugzilla":"1845868","bugzilla_description":"CVE-2020-10768 kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-440","affected_packages":["kernel-0:4.18.0-147.24.2.el8_1","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-80.27.1.el8_0","kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2","kernel-0:4.18.0-193.13.2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10768.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-7921","severity":"moderate","public_date":"2020-06-05T00:00:00Z","advisories":[],"bugzilla":"1848563","bugzilla_description":"CVE-2020-7921 mongodb: Improper serialization permits bypass of IP based authentication restrictions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7921.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-10757","severity":"important","public_date":"2020-06-04T09:00:00Z","advisories":["RHSA-2020:3016","RHSA-2020:3226","RHBA-2020:3180","RHSA-2020:3598","RHSA-2020:3221","RHSA-2020:3222","RHSA-2020:3010","RHSA-2020:3220","RHSA-2020:3041"],"bugzilla":"1842525","bugzilla_description":"CVE-2020-10757 kernel: kernel: DAX hugepages not considered during mremap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-0:4.18.0-147.24.2.el8_1","kernel-0:3.10.0-957.58.2.el7","redhat-coreos-43.82.202007300301.0","kernel-rt-0:3.10.0-1127.18.2.rt56.1116.el7","kernel-0:3.10.0-1127.18.2.el7","kernel-0:4.18.0-80.27.1.el8_0","kernel-0:3.10.0-1062.33.1.el7","kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2","kernel-0:4.18.0-193.13.2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10757.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2020-12049","severity":"important","public_date":"2020-06-04T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:3014","RHSA-2020:2894","RHSA-2020:3298","RHSA-2020:3044"],"bugzilla":"1849041","bugzilla_description":"CVE-2020-12049 dbus: denial of service via file descriptor leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["redhat-coreos-43.82.202007300301.0","dbus-1:1.12.8-10.el8_2","dbus-1:1.12.8-10.el8_1","dbus-1:1.10.24-14.el7_8","dbus-1:1.12.8-8.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12049.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-13777","severity":"important","public_date":"2020-06-03T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:2639","RHSA-2020:2637","RHSA-2020:2638"],"bugzilla":"1843723","bugzilla_description":"CVE-2020-13777 gnutls: session resumption works without master key allowing MITM","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":["gnutls-0:3.6.8-9.el8_1","redhat-coreos-43.82.202007300301.0","gnutls-0:3.6.5-3.el8_0","gnutls-0:3.6.8-11.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13777.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2020-8555","severity":"moderate","public_date":"2020-06-01T00:00:00Z","advisories":["RHSA-2020:2594","RHSA-2020:2440","RHSA-2020:2441","RHSA-2020:2448","RHSA-2020:2449","RHSA-2020:2479"],"bugzilla":"1821583","bugzilla_description":"CVE-2020-8555 kubernetes: Server side request forgery (SSRF) in kube-controller-manager allows users to leak secret information","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["openshift4/ose-hyperkube:v4.3.25-202006081335","atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7","openshift4/ose-hyperkube:v4.4.0-202006080610","openshift-0:4.3.25-202006060952.git.1.96c30f6.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8555.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.3"},{"CVE":"CVE-2020-10749","severity":"moderate","public_date":"2020-06-01T00:00:00Z","advisories":["RHSA-2020:2412","RHSA-2020:2684","RHSA-2020:2443","RHSA-2020:2592","RHSA-2020:3194","RHSA-2020:2403"],"bugzilla":"1833220","bugzilla_description":"CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-300","affected_packages":["openshift4/ose-multus-cni:v4.5.0-202007012112.p0","containernetworking-plugins-0:0.8.3-3.el7_8","containernetworking-plugins-0:0.8.6-1.rhaos4.3.el7","openshift4/ose-container-networking-plugins-rhel7:v4.5.0-202007012112.p0","container-native-virtualization/kubevirt-ssp-operator:v2.4.0-71","container-native-virtualization/virt-api:v2.4.0-58"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10749.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"6.0"},{"CVE":"CVE-2020-10754","severity":"moderate","public_date":"2020-05-29T04:41:00Z","advisories":["RHBA-2020:3180","RHSA-2020:4003","RHSA-2020:3011"],"bugzilla":"1841041","bugzilla_description":"CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287->CWE-306","affected_packages":["NetworkManager-1:1.18.8-1.el7","redhat-coreos-43.82.202007300301.0","NetworkManager-1:1.22.8-5.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10754.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-9484","severity":"important","public_date":"2020-05-20T00:00:00Z","advisories":["RHSA-2020:3017","RHSA-2020:2530","RHSA-2020:2487","RHSA-2020:2509","RHSA-2020:2483","RHSA-2020:2529","RHSA-2020:2506"],"bugzilla":"1838332","bugzilla_description":"CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["tomcat-0:7.0.76-12.el7_8","tomcat6-0:6.0.24-115.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9484.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2020-14060","severity":"important","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:3197","RHSA-2020:3196","RHBA-2020:1494","RHSA-2020:3192","RHBA-2020:3255"],"bugzilla":"1848960","bugzilla_description":"CVE-2020-14060 jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["candlepin-0:2.6.16-1.el7sat"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14060.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-14062","severity":"important","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:3197","RHSA-2020:3196","RHBA-2020:1494","RHSA-2020:3192","RHBA-2020:3255"],"bugzilla":"1848962","bugzilla_description":"CVE-2020-14062 jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["candlepin-0:2.6.16-1.el7sat"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14062.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-14061","severity":"important","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:3197","RHSA-2020:3196","RHBA-2020:1494","RHSA-2020:3192","RHBA-2020:3255"],"bugzilla":"1848966","bugzilla_description":"CVE-2020-14061 jackson-databind: serialization in weblogic/oracle-aqjms","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["candlepin-0:2.6.16-1.el7sat"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14061.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2020-7656","severity":"moderate","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:4211"],"bugzilla":"1850119","bugzilla_description":"CVE-2020-7656 jQuery: allows XSS via the load method","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["qpid-dispatch-0:1.13.0-3.el6_10","qpid-dispatch-0:1.13.0-3.el8","qpid-dispatch-0:1.13.0-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7656.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2020-10722","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":["RHSA-2020:4114","RHSA-2020:2297","RHSA-2020:2298","RHSA-2020:2683","RHSA-2020:2295","RHSA-2020:2296","RHBA-2020:2184"],"bugzilla":"1828867","bugzilla_description":"CVE-2020-10722 dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["dpdk-0:18.11.8-1.el7_8","openvswitch-0:2.9.0-130.el7fdp","openvswitch2.13-0:2.13.0-25.el8fdp.1","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp","redhat-coreos-43.81.202005180953.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10722.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2020-10723","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":["RHSA-2020:4114","RHSA-2020:2297","RHSA-2020:2298","RHSA-2020:2683","RHSA-2020:2295","RHSA-2020:2296","RHBA-2020:2184"],"bugzilla":"1828874","bugzilla_description":"CVE-2020-10723 dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["dpdk-0:18.11.8-1.el7_8","openvswitch-0:2.9.0-130.el7fdp","openvswitch2.13-0:2.13.0-25.el8fdp.1","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp","redhat-coreos-43.81.202005180953.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10723.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2020-10724","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":["RHSA-2020:2297","RHSA-2020:2295","RHSA-2020:2296","RHBA-2020:2184"],"bugzilla":"1828884","bugzilla_description":"CVE-2020-10724 dpdk: librte_vhost Missing inputs validation in Vhost-crypto","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["openvswitch2.13-0:2.13.0-25.el8fdp.1","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp","openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp","redhat-coreos-43.81.202005180953.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10724.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2020-10725","severity":"important","public_date":"2020-05-18T00:00:00Z","advisories":["RHSA-2020:2295","RHBA-2020:2409"],"bugzilla":"1828894","bugzilla_description":"CVE-2020-10725 dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":["redhat-coreos-45.82.202007062333-0","openvswitch2.13-0:2.13.0-25.el8fdp.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10725.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2020-10726","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":["RHSA-2020:2295","RHBA-2020:2409"],"bugzilla":"1828898","bugzilla_description":"CVE-2020-10726 dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["redhat-coreos-45.82.202007062333-0","openvswitch2.13-0:2.13.0-25.el8fdp.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10726.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2020-8164","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":[],"bugzilla":"1842634","bugzilla_description":"CVE-2020-8164 rubygem-actionpack: possible strong parameters bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8164.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-8165","severity":"important","public_date":"2020-05-18T00:00:00Z","advisories":[],"bugzilla":"1843072","bugzilla_description":"CVE-2020-8165 rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8165.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-8167","severity":"moderate","public_date":"2020-05-18T00:00:00Z","advisories":[],"bugzilla":"1843084","bugzilla_description":"CVE-2020-8167 rubygem-actionview: CSRF vulnerability in rails-ujs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8167.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-8166","severity":"low","public_date":"2020-05-18T00:00:00Z","advisories":[],"bugzilla":"1843152","bugzilla_description":"CVE-2020-8166 rubygem-actionpack: ability to forge per-form CSRF tokens given a global CSRF token","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8166.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2020-8163","severity":"important","public_date":"2020-05-15T00:00:00Z","advisories":[],"bugzilla":"1848724","bugzilla_description":"CVE-2020-8163 rubygem-rails: potential remote code execution of user-provided local names","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8163.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12888","severity":"important","public_date":"2020-05-14T00:00:00Z","advisories":["RHSA-2020:2664","RHSA-2020:2851","RHSA-2020:3016","RHSA-2020:2665","RHSA-2020:3222","RHSA-2020:3230","RHSA-2020:3010","RHSA-2020:2831","RHSA-2020:2854","RHSA-2020:2832","RHSA-2020:3019","RHBA-2020:3180","RHSA-2020:3041"],"bugzilla":"1836244","bugzilla_description":"CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-248","affected_packages":["kernel-0:3.10.0-693.71.2.el7","redhat-coreos-43.82.202007300301.0","kernel-0:3.10.0-957.56.1.el7","kernel-0:4.18.0-80.27.1.el8_0","kernel-0:3.10.0-1062.30.1.el7","kernel-0:3.10.0-1127.13.1.el7","kernel-0:3.10.0-514.78.1.el7","kernel-0:4.18.0-147.24.2.el8_1","kernel-0:3.10.0-327.89.1.el7","kernel-alt-0:4.14.0-115.26.1.el7a","kernel-rt-0:3.10.0-1127.13.1.rt56.1110.el7","kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2","kernel-0:4.18.0-193.13.2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12888.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2020-10711","severity":"important","public_date":"2020-05-12T12:00:00Z","advisories":["RHSA-2020:2103","RHSA-2020:2125","RHSA-2020:2104","RHSA-2020:2214","RHSA-2020:2522","RHSA-2020:2203","RHSA-2020:2277","RHSA-2020:2289","RHSA-2020:2102","RHSA-2020:2242","RHSA-2020:2199","RHSA-2020:2285","RHSA-2020:2519","RHSA-2020:2429","RHBA-2020:3180","RHSA-2020:2085","RHSA-2020:2082","RHSA-2020:2291","RHSA-2020:2171"],"bugzilla":"1825116","bugzilla_description":"CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-0:3.10.0-514.76.1.el7","kernel-0:4.18.0-193.1.2.el8_2","kernel-rt-1:3.10.0-693.67.1.rt56.665.el6rt","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-147.13.2.el8_1","kernel-0:3.10.0-327.88.1.el7","kernel-0:2.6.32-754.29.2.el6","kernel-rt-0:3.10.0-1127.8.2.rt56.1103.el7","kernel-0:3.10.0-1062.26.1.el7","kernel-alt-0:4.14.0-115.21.2.el7a","kernel-0:3.10.0-957.54.1.el7","kernel-rt-0:4.18.0-193.1.2.rt13.53.el8_2","kernel-0:3.10.0-1127.8.2.el7","kernel-0:3.10.0-693.67.1.el7","kernel-0:4.18.0-80.23.2.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10711.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2019-14900","severity":"moderate","public_date":"2020-05-12T00:00:00Z","advisories":["RHSA-2020:2112","RHSA-2020:3642","RHSA-2020:3463","RHSA-2020:3464","RHSA-2020:3585","RHSA-2020:3461","RHSA-2020:3462","RHSA-2020:4252","RHSA-2020:3638","RHSA-2020:3639","RHSA-2020:3637"],"bugzilla":"1666499","bugzilla_description":"CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-89","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14900.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2020-1718","severity":"important","public_date":"2020-05-12T00:00:00Z","advisories":["RHSA-2020:2112","RHSA-2020:2905","RHSA-2020:3197","RHSA-2020:2252","RHSA-2020:3196","RHSA-2020:2107","RHSA-2020:2108","RHSA-2020:2106"],"bugzilla":"1796756","bugzilla_description":"CVE-2020-1718 keycloak: security issue on reset credential flow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el8sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el6sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el7sso"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1718.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-1758","severity":"moderate","public_date":"2020-05-12T00:00:00Z","advisories":["RHSA-2020:2112","RHSA-2020:2107","RHSA-2020:2108","RHSA-2020:2106"],"bugzilla":"1812514","bugzilla_description":"CVE-2020-1758 keycloak: improper verification of certificate with host mismatch could result in information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-297","affected_packages":["rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el8sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el6sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el7sso"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1758.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-12825","severity":"moderate","public_date":"2020-05-12T00:00:00Z","advisories":["RHSA-2020:3654","RHBA-2020:3609","RHSA-2020:4072"],"bugzilla":"1835377","bugzilla_description":"CVE-2020-12825 libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674->CWE-121","affected_packages":["redhat-coreos-43.82.202009181853.0","libcroco-0:0.6.12-4.el8_2.1","libcroco-0:0.6.12-6.el7_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12825.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2020-8161","severity":"moderate","public_date":"2020-05-12T00:00:00Z","advisories":[],"bugzilla":"1838281","bugzilla_description":"CVE-2020-8161 rubygem-rack: directory traversal in Rack::Directory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8161.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2020-1714","severity":"important","public_date":"2020-05-11T00:00:00Z","advisories":["RHSA-2020:3017","RHSA-2020:3675","RHSA-2020:2905","RHSA-2020:4252","RHSA-2020:2816","RHSA-2020:2813","RHSA-2020:2814","RHSA-2020:3678"],"bugzilla":"1705975","bugzilla_description":"CVE-2020-1714 keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["keycloak-adapter-sso7_4-eap6-0:9.0.4-1.redhat_00001.1.ep6.el7","eap7-keycloak-adapter-sso7_4-0:9.0.4-1.redhat_00001.1.el7eap","keycloak-adapter-sso7_4-eap6-0:9.0.4-1.redhat_00001.1.ep6.el6","eap7-keycloak-adapter-sso7_4-0:9.0.4-1.redhat_00001.1.el8eap","eap7-keycloak-adapter-sso7_4-0:9.0.4-1.redhat_00001.1.el6eap"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1714.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-1724","severity":"low","public_date":"2020-05-07T00:00:00Z","advisories":["RHSA-2020:2112","RHSA-2020:2905","RHSA-2020:2252","RHSA-2020:2107","RHSA-2020:2108","RHSA-2020:2106"],"bugzilla":"1800527","bugzilla_description":"CVE-2020-1724 keycloak: problem with privacy after user logout","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-613","affected_packages":["rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el8sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el6sso","rh-sso7-keycloak-0:4.8.20-1.Final_redhat_00001.1.el7sso"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1724.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-10693","severity":"moderate","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:3501","RHSA-2020:3642","RHSA-2020:3463","RHSA-2020:3464","RHSA-2020:3461","RHSA-2020:3462","RHSA-2020:4252","RHSA-2020:3806","RHSA-2020:3638","RHSA-2020:3539","RHSA-2020:3639","RHSA-2020:3637"],"bugzilla":"1805501","bugzilla_description":"CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10693.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-12657","severity":"important","public_date":"2020-05-05T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:2428","RHSA-2020:2429","RHSA-2020:2427","RHSA-2020:2669","RHSA-2020:2567","RHSA-2020:2667"],"bugzilla":"1832866","bugzilla_description":"CVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-0:4.18.0-147.20.1.el8_1","kernel-rt-0:4.18.0-193.6.3.rt13.59.el8_2","redhat-coreos-43.82.202007300301.0","kernel-0:4.18.0-193.6.3.el8_2","kernel-0:4.18.0-80.23.2.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12657.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2020-10706","severity":"moderate","public_date":"2020-04-30T00:00:00Z","advisories":[],"bugzilla":"1819011","bugzilla_description":"CVE-2020-10706 openshift/openshift-apiserver: oauth tokens not encrypted when enabling encryption of data at rest","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-312","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10706.json","cvss3_scoring_vector":"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.3"},{"CVE":"CVE-2020-11023","severity":"moderate","public_date":"2020-04-29T00:00:00Z","advisories":["RHSA-2020:3247","RHSA-2020:3369","RHSA-2020:2412","RHSA-2020:4211","RHSA-2020:3807","RHSA-2020:2813"],"bugzilla":"1850004","bugzilla_description":"CVE-2020-11023 jQuery: passing HTML containing