Back to bug 1379207

Who When What Removed Added
Hooman Broujerdi 2016-09-26 04:55:04 UTC Summary CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vunerability
Hooman Broujerdi 2016-09-26 04:55:29 UTC Summary CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vunerability CVE-2016-4978 Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability
Hooman Broujerdi 2016-09-26 05:41:37 UTC Doc Text It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.
Hooman Broujerdi 2016-09-26 23:21:54 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7.0.1/artemis=affected,amq-7/activemq=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7.0.1/artemis=affected
Hooman Broujerdi 2016-09-26 23:26:36 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7.0.1/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7.0.1/artemis=affected,amq-7/artemis=affected
Chess Hazlett 2016-09-27 04:35:24 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7.0.1/artemis=affected,amq-7/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7/artemis=affected,amq-7/artemis=affected
Chess Hazlett 2016-09-27 14:31:44 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,eap-7/artemis=affected,amq-7/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/artemis=affected
Chess Hazlett 2016-09-27 14:32:18 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-6/artemis=affected
Hooman Broujerdi 2016-09-28 05:12:49 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-6/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/artemis=affected,eap-7/artemis=affected
Hooman Broujerdi 2016-09-28 05:20:48 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/artemis=affected,eap-7/artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected
Hooman Broujerdi 2016-11-10 04:48:53 UTC Blocks 1393642
Bharti Kundal 2017-04-20 16:07:48 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected
Bharti Kundal 2017-04-20 16:08:01 UTC CC bkundal, fnasser, jason.greene, jboss-set
Pavel Polischouk 2017-04-20 19:28:46 UTC CC alazarot, bkearney, cbillett, etirelli, gvarsami, jcoleman, jmatthew, kconner, kseifried, kverlaen, ldimaggi, lpetrovi, mbaluch, mmccune, mwinkler, nwallace, ohadlevy, pavelp, rrajasek, rwagner, rzhang, spinder, tcunning, theute, tjay, tkirby, tlestach, tomckay, tsanders
Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=affected,bpms-6/hornetq=affected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=new,sam-1/hornetq=new,rhsso-7/hornetq=new,jdg-6/hornetq=new
Bharti Kundal 2017-04-20 23:46:41 UTC Depends On 1444234
Bharti Kundal 2017-04-20 23:46:51 UTC Depends On 1444235
Erik J. Smith 2017-05-08 17:38:35 UTC CC erismith
Pavel Polischouk 2017-05-10 00:43:30 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=affected,bpms-6/hornetq=affected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=new,sam-1/hornetq=new,rhsso-7/hornetq=new,jdg-6/hornetq=new impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=new,sam-1/hornetq=new,rhsso-7/hornetq=new,jdg-6/hornetq=new
Kurt Seifried 2017-07-18 01:16:52 UTC Depends On 1472036
Bharti Kundal 2017-07-24 05:32:06 UTC Blocks 1474181
Kurt Seifried 2017-07-25 01:39:53 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=new,sam-1/hornetq=new,rhsso-7/hornetq=new,jdg-6/hornetq=new impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=affected,sam-1/hornetq=wontfix,rhsso-7/hornetq=new,jdg-6/hornetq=new
Bryan Kearney 2017-08-08 20:44:10 UTC CC bcourt, mstead
Ravindra Patil 2017-09-12 17:03:09 UTC CC ravpatil
Wei Chen 2017-09-29 06:20:40 UTC CC wei.chen
Bharti Kundal 2017-12-04 09:07:07 UTC Blocks 1520314
PnT Account Manager 2018-05-10 18:18:18 UTC CC pavelp
errata-xmlrpc 2018-05-14 20:15:57 UTC Link ID Red Hat Product Errata RHSA-2018:1447
errata-xmlrpc 2018-05-14 20:35:57 UTC Link ID Red Hat Product Errata RHSA-2018:1448
errata-xmlrpc 2018-05-14 20:38:44 UTC Link ID Red Hat Product Errata RHSA-2018:1449
errata-xmlrpc 2018-05-14 20:42:33 UTC Link ID Red Hat Product Errata RHSA-2018:1450
errata-xmlrpc 2018-05-14 20:50:46 UTC Link ID Red Hat Product Errata RHSA-2018:1451
PnT Account Manager 2018-06-29 22:14:58 UTC CC kseifried
PnT Account Manager 2018-10-19 21:37:38 UTC CC bkundal
PnT Account Manager 2019-04-22 21:31:17 UTC CC tjay
Joshua Padman 2019-05-24 01:20:52 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=new,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=affected,sam-1/hornetq=wontfix,rhsso-7/hornetq=new,jdg-6/hornetq=new impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=notaffected,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=affected,sam-1/hornetq=wontfix,rhsso-7/hornetq=notaffected,jdg-6/hornetq=new
Product Security DevOps Team 2019-06-08 02:59:06 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2019-06-08 02:59:06 UTC
Product Security DevOps Team 2019-09-29 13:57:05 UTC Whiteboard impact=moderate,public=20160923,reported=20160923,source=oss-security,cvss2=6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P,cvss3=6.6/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,amq-7/Artemis=affected,eap-7/Artemis=affected,eap-6/hornetq=affected,brms-5/hornetq=wontfix,brms-6/hornetq=notaffected,bpms-6/hornetq=notaffected,soap-5/hornetq=wontfix,fsw-6/hornetq=wontfix,fuse-6/hornetq=notaffected,jon-3/hornetq=new,jpp-6/hornetq=new,rhn_satellite_6/hornetq=affected,sam-1/hornetq=wontfix,rhsso-7/hornetq=notaffected,jdg-6/hornetq=new

Back to bug 1379207