Security Bulletin: Vulnerabilities in Apache and Node.js affect IBM Spectrum Protect Plus

2021-04-24T06:55:55

Description

## Summary Vulnerabilities in Apache and Node.js such as execution of arbitrary code on the system, cross -site scripting, and bypassing security restrictions, may affect IBM Spectrum Protect Plus. ## Vulnerability Details **CVEID: **[CVE-2020-28458](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28458>) **DESCRIPTION: **Node.js datatables.net module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. CVSS Base score: 7.3 CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193390](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193390>) for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) **CVEID: **[CVE-2021-21315](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21315>) **DESCRIPTION: **System Information Library for Node.JS could allow a remote attacker to execute arbitrary commands on the system, caused by command injection flaw when parsing service parameters. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the system. CVSS Base score: 9.8 CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196894>) for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) **CVEID: **[CVE-2020-13959](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13959>) **DESCRIPTION: **Apache Velocity Tools is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the default error page for VelocityView. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. CVSS Base score: 6.1 CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197994](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197994>) for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) **CVEID: **[CVE-2020-13936](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936>) **DESCRIPTION: **Apache Velocity could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox bypass flaw. By modifying the Velocity templates, an attacker could exploit this vulnerability to execute arbitrary code with the same privileges as the account running the Servlet container. CVSS Base score: 9.8 CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197993](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197993>) for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) **CVEID: **[CVE-2020-13956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956>) **DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. CVSS Base score: 5.3 CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) ## Affected Products and Versions **Affected Product(s)** | **Version(s)** ---|--- IBM Spectrum Protect Plus | 10.1.0-10.1.7 ## Remediation/Fixes **BM Spectrum Protect** **Plus Release** | **First Fixing** **VRM Level** | **Platform** | **Link to Fix** ---|---|---|--- 10.1 | 10.1.8 | Linux | <https://www.ibm.com/support/pages/node/6415111> ## Workarounds and Mitigations None ## Get Notified about Future Security Bulletins Subscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this. ### References [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> "Link resides outside of ibm.com" ) [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> "Link resides outside of ibm.com" ) Off ## Related Information [IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) [IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>) ## Acknowledgement ## Change History 23 April 2021: Initial Publication *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. ## Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions. ## Document Location Worldwide [{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.1","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Affected Software

CPE Name	Name	Version
	ibm spectrum protect plus	10.1.0
	ibm spectrum protect plus	10.1.7

{"id": "098A0B0BBDA18721083717F103FE7FB2B2BBE2394E33149D968FE7B59A7B2AD4", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Vulnerabilities in Apache and Node.js affect IBM Spectrum Protect Plus", "description": "## Summary\n\nVulnerabilities in Apache and Node.js such as execution of arbitrary code on the system, cross -site scripting, and bypassing security restrictions, may affect IBM Spectrum Protect Plus.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-28458](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28458>) \n**DESCRIPTION: **Node.js datatables.net module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193390](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193390>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2021-21315](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21315>) \n**DESCRIPTION: **System Information Library for Node.JS could allow a remote attacker to execute arbitrary commands on the system, caused by command injection flaw when parsing service parameters. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196894>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-13959](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13959>) \n**DESCRIPTION: **Apache Velocity Tools is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the default error page for VelocityView. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197994](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197994>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-13936](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936>) \n**DESCRIPTION: **Apache Velocity could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox bypass flaw. By modifying the Velocity templates, an attacker could exploit this vulnerability to execute arbitrary code with the same privileges as the account running the Servlet container. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197993](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197993>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-13956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956>) \n**DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)** | **Version(s)** \n---|--- \nIBM Spectrum Protect Plus | 10.1.0-10.1.7 \n \n## Remediation/Fixes\n\n**BM Spectrum Protect** \n**Plus Release** | **First Fixing** \n**VRM Level** | **Platform** | **Link to Fix** \n---|---|---|--- \n10.1 | 10.1.8 | Linux | <https://www.ibm.com/support/pages/node/6415111> \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n23 April 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SSNQFQ\",\"label\":\"IBM Spectrum Protect Plus\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "published": "2021-04-24T06:55:55", "modified": "2021-04-24T06:55:55", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/6445703", "reporter": "IBM", "references": [], "cvelist": ["CVE-2020-13936", "CVE-2020-13956", "CVE-2020-13959", "CVE-2020-28458", "CVE-2021-21315"], "immutableFields": [], "lastseen": "2022-06-28T22:12:03", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1860", "ALSA-2022:1861"]}, {"type": "amazon", "idList": ["ALAS2-2021-1690"]}, {"type": "atlassian", "idList": ["ATLASSIAN:FE-7344", "FE-7344"]}, {"type": "attackerkb", "idList": ["AKB:E72B9F04-6006-41F4-A0B3-9639896AA934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0416", "CPAI-2021-1058"]}, {"type": "cisa", "idList": ["CISA:D7385BDD2786721598A2135E182282C2"]}, {"type": "cve", "idList": ["CVE-2020-13936", "CVE-2020-13956", "CVE-2020-13959", "CVE-2020-28458", "CVE-2021-21315"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2405-1:2470B", "DEBIAN:DLA-2405-1:33C7A", "DEBIAN:DLA-2595-1:23005", "DEBIAN:DLA-2595-1:62C40", "DEBIAN:DLA-2597-1:41F7E", "DEBIAN:DLA-2597-1:E76AA", "DEBIAN:DSA-4772-1:DCCA8"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13936", "DEBIANCVE:CVE-2020-13956", "DEBIANCVE:CVE-2020-13959"]}, {"type": "freebsd", "idList": ["20006B5F-A0BC-11EB-8AE6-FC4DD43E2B6A"]}, {"type": "gentoo", "idList": ["GLSA-202107-52"]}, {"type": "github", "idList": ["GHSA-2M8V-572M-FF2V", "GHSA-59J4-WJWP-MW9M", "GHSA-7R82-7XV7-XCPJ", "GHSA-FH63-4R66-JC7V", "GHSA-HWVM-VFW8-93MW", "GHSA-M7J4-FHG6-XF5V"]}, {"type": "githubexploit", "idList": ["0E5869D4-37E8-526B-AD35-C6828C824560", "6F08577F-952F-55B0-859B-596C18FE4C8E", "6F52B47B-D9D5-5505-93DA-8E52F6FD6F22", "972035A3-EFCA-59B4-BEF3-038086C30C32"]}, {"type": "huntr", "idList": ["1-NPM-SYSTEMINFORMATION"]}, {"type": "ibm", "idList": ["02AC3D75FB5E9A395164B03D2835B59279C245C81FF95300ED74B35ADE723D5F", "2B8ED03AFB64688F7C236312BC8155AB0C092B0BB10F225899EEE28BFC95B925", "53B532B87CEA78B57E2ED69FBCEA8B269DE8F2659CD1185FAB9174B1B7BD0971", "643278CE1BB636D8764FFFB99832A74E1EB43BC79E059A2AF6DA2A9DF4BB4FCB", "7673ECA7C26C82F326589C66582D68F7F87357B4FB250AD73DE7E7F5EC924344", "792B85A8DB94781D66D2F4C4B62AF0AB0D8345DE0EDC163D9DF3146450CB58F8", "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "8FB323EC50EB5CCD3380176BF2571DDA8C7739DBF4BC558C9B57458B912FEEF7", "915C40C3847839BAFC1ADC3A4E386F48D7716C2F3DA53EC6BE7228D7003DDC0D", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "AE395445C7C7240CD17B06CE58A20D98731AA33DE1AAF047F3A02C424CBD3F87", "B0FF85DCDE8644B3484BD6CF258480DD40154E7BDFEEDF7A128BF747F3AC618F", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "BA385C300E1AB69708D8E5042F5220F275493E2AE45A5E3A1DD992DE1DAB492E", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "CC3CA2E6A057BD0C432A1C280BCDA473EAA13F9A6EA2532C58C5E8FD129BF2B1", "D11AB976F85F6CB2A151F18E4C7DCD45359DDB99578FE739D459AA7C71585CEB", "D783A7F4DFFB9905E79E357ACA80CE9623FFC55147AEC4BAF71DFFC0CC45C9F3", "F26EE38CBA6B93A0B0967DD4DF0B628E7EDCBF41134B0358C7BD18C0EBEC7F60", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4"]}, {"type": "mageia", "idList": ["MGASA-2021-0183", "MGASA-2021-0314"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1690.NASL", "ALMA_LINUX_ALSA-2022-1860.NASL", "ALMA_LINUX_ALSA-2022-1861.NASL", "CENTOS8_RHSA-2022-1860.NASL", "CENTOS8_RHSA-2022-1861.NASL", "DEBIAN_DLA-2405.NASL", "DEBIAN_DLA-2595.NASL", "DEBIAN_DLA-2597.NASL", "DEBIAN_DSA-4772.NASL", "EULEROS_SA-2021-1858.NASL", "EULEROS_SA-2021-1990.NASL", "EULEROS_SA-2021-2233.NASL", "EULEROS_SA-2021-2437.NASL", "FREEBSD_PKG_20006B5FA0BC11EB8AE6FC4DD43E2B6A.NASL", "GENTOO_GLSA-202107-52.NASL", "OPENSUSE-2021-447.NASL", "ORACLELINUX_ELSA-2022-1860.NASL", "ORACLELINUX_ELSA-2022-1861.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_JUL_2021.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "REDHAT-RHSA-2021-0246.NASL", "REDHAT-RHSA-2021-0247.NASL", "REDHAT-RHSA-2021-0248.NASL", "REDHAT-RHSA-2021-1169.NASL", "REDHAT-RHSA-2021-1184.NASL", "REDHAT-RHSA-2021-1186.NASL", "REDHAT-RHSA-2021-2046.NASL", "REDHAT-RHSA-2021-2047.NASL", "REDHAT-RHSA-2021-2048.NASL", "REDHAT-RHSA-2021-3656.NASL", "REDHAT-RHSA-2021-3658.NASL", "REDHAT-RHSA-2022-0722.NASL", "REDHAT-RHSA-2022-1860.NASL", "REDHAT-RHSA-2022-1861.NASL"]}, {"type": "nodejs", "idList": ["NODEJS:1628"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-1860", "ELSA-2022-1861"]}, {"type": "osv", "idList": ["OSV:DLA-2405-1", "OSV:DLA-2595-1", "OSV:DLA-2597-1", "OSV:DSA-4772-1", "OSV:GHSA-2M8V-572M-FF2V", "OSV:GHSA-59J4-WJWP-MW9M", "OSV:GHSA-7R82-7XV7-XCPJ", "OSV:GHSA-FH63-4R66-JC7V", "OSV:GHSA-HWVM-VFW8-93MW", "OSV:GHSA-M7J4-FHG6-XF5V"]}, {"type": "redhat", "idList": ["RHSA-2021:0084", "RHSA-2021:0246", "RHSA-2021:0247", "RHSA-2021:0248", "RHSA-2021:0250", "RHSA-2021:0327", "RHSA-2021:0603", "RHSA-2021:0811", "RHSA-2021:1044", "RHSA-2021:1169", "RHSA-2021:1184", "RHSA-2021:1186", "RHSA-2021:2046", "RHSA-2021:2047", "RHSA-2021:2048", "RHSA-2021:2051", "RHSA-2021:2210", "RHSA-2021:2755", "RHSA-2021:3140", "RHSA-2021:3656", "RHSA-2021:3658", "RHSA-2021:3660", "RHSA-2021:3700", "RHSA-2021:4100", "RHSA-2021:4767", "RHSA-2021:4918", "RHSA-2022:0722", "RHSA-2022:1860", "RHSA-2022:1861"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-13936", "RH:CVE-2020-13956", "RH:CVE-2020-13959", "RH:CVE-2020-28458"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0447-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13936", "UB:CVE-2020-13956", "UB:CVE-2020-13959"]}, {"type": "veracode", "idList": ["VERACODE:27558", "VERACODE:28626", "VERACODE:29414", "VERACODE:29563", "VERACODE:29661"]}]}, "score": {"value": 1.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS2-2021-1690"]}, {"type": "atlassian", "idList": ["ATLASSIAN:FE-7344"]}, {"type": "attackerkb", "idList": ["AKB:E72B9F04-6006-41F4-A0B3-9639896AA934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0416"]}, {"type": "cisa", "idList": ["CISA:D7385BDD2786721598A2135E182282C2"]}, {"type": "cve", "idList": ["CVE-2020-13956", "CVE-2020-28458", "CVE-2021-21315"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2405-1:2470B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13956"]}, {"type": "freebsd", "idList": ["20006B5F-A0BC-11EB-8AE6-FC4DD43E2B6A"]}, {"type": "gentoo", "idList": ["GLSA-202107-52"]}, {"type": "github", "idList": ["GHSA-2M8V-572M-FF2V", "GHSA-M7J4-FHG6-XF5V"]}, {"type": "githubexploit", "idList": ["0E5869D4-37E8-526B-AD35-C6828C824560", "6F08577F-952F-55B0-859B-596C18FE4C8E", "972035A3-EFCA-59B4-BEF3-038086C30C32"]}, {"type": "ibm", "idList": ["643278CE1BB636D8764FFFB99832A74E1EB43BC79E059A2AF6DA2A9DF4BB4FCB", "B0FF85DCDE8644B3484BD6CF258480DD40154E7BDFEEDF7A128BF747F3AC618F", "D783A7F4DFFB9905E79E357ACA80CE9623FFC55147AEC4BAF71DFFC0CC45C9F3", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1690.NASL", "DEBIAN_DLA-2405.NASL", "EULEROS_SA-2021-1858.NASL", "EULEROS_SA-2021-2233.NASL", "FREEBSD_PKG_20006B5FA0BC11EB8AE6FC4DD43E2B6A.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_JUL_2021.NASL"]}, {"type": "nodejs", "idList": ["NODEJS:1628"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2022"]}, {"type": "redhat", "idList": ["RHSA-2021:0603"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-13936", "RH:CVE-2020-13956", "RH:CVE-2020-13959", "RH:CVE-2020-28458"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0447-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13936", "UB:CVE-2020-13956", "UB:CVE-2020-13959"]}]}, "exploitation": null, "vulnersScore": 1.1}, "_state": {"dependencies": 1660012827, "score": 1659923730}, "_internal": {"score_hash": "d85f9db82b44083652d8daf12565df32"}, "affectedSoftware": [{"version": "10.1.0", "operator": "ge", "name": "ibm spectrum protect plus"}, {"version": "10.1.7", "operator": "le", "name": "ibm spectrum protect plus"}]}

{"nessus": [{"lastseen": "2022-06-15T18:11:47", "description": "The remote host is affected by the vulnerability described in GLSA-202107-52 (Apache Velocity: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache Velocity. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-29T00:00:00", "type": "nessus", "title": "GLSA-202107-52 : Apache Velocity: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2020-13959"], "modified": "2022-01-24T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:velocity", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202107-52.NASL", "href": "https://www.tenable.com/plugins/nessus/154715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202107-52.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(154715);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/24\");\n\n script_cve_id(\"CVE-2020-13936\", \"CVE-2020-13959\");\n script_xref(name:\"GLSA\", value:\"202107-52\");\n\n script_name(english:\"GLSA-202107-52 : Apache Velocity: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202107-52\n(Apache Velocity: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache Velocity. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202107-52\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Apache Velocity users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/velocity-2.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-java/velocity\", unaffected:make_list(\"ge 2.3\"), vulnerable:make_list(\"lt 2.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache Velocity\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-07-12T14:49:27", "description": "It was discovered that there was a cross-site scripting (XSS) vulnerability in velocity-tools, a collection of useful tools for the 'Velocity' template engine.\n\nThe default error page could be exploited to steal session cookies, perform requests in the name of the victim, used for phishing attacks and many other similar attacks.\n\nFor Debian 9 'Stretch', this problem has been fixed in version 2.0-6+deb9u1.\n\nWe recommend that you upgrade your velocity-tools packages.\n\nFor the detailed security status of velocity-tools please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/velocity-tools\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-03-19T00:00:00", "type": "nessus", "title": "Debian DLA-2597-1 : velocity-tools security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13959"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libvelocity-tools-java:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libvelocity-tools-java-doc:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-2597.NASL", "href": "https://www.tenable.com/plugins/nessus/147898", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2597-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(147898);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2020-13959\");\n\n script_name(english:\"Debian DLA-2597-1 : velocity-tools security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that there was a cross-site scripting (XSS)\nvulnerability in velocity-tools, a collection of useful tools for the\n'Velocity' template engine.\n\nThe default error page could be exploited to steal session cookies,\nperform requests in the name of the victim, used for phishing attacks\nand many other similar attacks.\n\nFor Debian 9 'Stretch', this problem has been fixed in version\n2.0-6+deb9u1.\n\nWe recommend that you upgrade your velocity-tools packages.\n\nFor the detailed security status of velocity-tools please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/velocity-tools\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/03/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/velocity-tools\"\n );\n # https://security-tracker.debian.org/tracker/source-package/velocity-tools\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e73cebd9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvelocity-tools-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvelocity-tools-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libvelocity-tools-java\", reference:\"2.0-6+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvelocity-tools-java-doc\", reference:\"2.0-6+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-17T14:54:09", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1184 advisory.\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2021-04-14T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement (Moderate) (RHSA-2021:1184)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-28458"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:cockpit-ovirt-dashboard"], "id": "REDHAT-RHSA-2021-1184.NASL", "href": "https://www.tenable.com/plugins/nessus/148540", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1184. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148540);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2020-28458\");\n script_xref(name:\"RHSA\", value:\"2021:1184\");\n\n script_name(english:\"RHEL 8 : RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement (Moderate) (RHSA-2021:1184)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:1184 advisory.\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1908441\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cockpit-ovirt-dashboard package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-28458\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-ovirt-dashboard\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_hypervisor': [\n 'rhv-4-mgmt-agent-for-rhel-8-x86_64-debug-rpms',\n 'rhv-4-mgmt-agent-for-rhel-8-x86_64-rpms',\n 'rhv-4-mgmt-agent-for-rhel-8-x86_64-source-rpms',\n 'rhv-4-tools-for-rhel-8-x86_64-debug-rpms',\n 'rhv-4-tools-for-rhel-8-x86_64-rpms',\n 'rhv-4-tools-for-rhel-8-x86_64-source-rpms',\n 'rhvh-4-build-for-rhel-8-x86_64-rpms',\n 'rhvh-4-build-for-rhel-8-x86_64-source-rpms',\n 'rhvh-4-for-rhel-8-x86_64-debug-rpms',\n 'rhvh-4-for-rhel-8-x86_64-rpms',\n 'rhvh-4-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'cockpit-ovirt-dashboard-0.14.20-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'redhat-release-virtualization-host-4', 'repo_list':['enterprise_linux_8_hypervisor']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-ovirt-dashboard');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T16:43:51", "description": "The remote host contains a systeminformation npm module that is prior to 5.3.1. It is, therefore, affected by a command injection vulnerability. The System Information Library for Node.JS (npm package 'systeminformation') is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. The vulnerability was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), or si.processLoad()... to only allow strings and reject any arrays. String sanitization works as expected.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-08-10T00:00:00", "type": "nessus", "title": "NodeJS System Information Library Command Injection (CVE-2021-21315)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21315"], "modified": "2022-08-10T00:00:00", "cpe": ["cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:*:*:*"], "id": "NODEJS_CVE-2021-21315.NBIN", "href": "https://www.tenable.com/plugins/nessus/164017", "sourceData": "Binary data nodejs_cve-2021-21315.nbin", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-15T18:06:45", "description": "According to the version of the velocity package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-06-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : velocity (EulerOS-SA-2021-1990)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-06-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:velocity", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1990.NASL", "href": "https://www.tenable.com/plugins/nessus/151036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151036);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/30\");\n\n script_cve_id(\n \"CVE-2020-13936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : velocity (EulerOS-SA-2021-1990)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the velocity package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An attacker that is able to modify Velocity templates\n may execute arbitrary Java code or run arbitrary system\n commands with the same privileges as the account\n running the Servlet container. This applies to\n applications that allow untrusted users to\n upload/modify velocity templates running Apache\n Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1990\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e54354f0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected velocity package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"velocity-1.7-24.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:08:20", "description": "According to the version of the velocity package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : velocity (EulerOS-SA-2021-2233)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-07-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:velocity", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2233.NASL", "href": "https://www.tenable.com/plugins/nessus/151771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151771);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/21\");\n\n script_cve_id(\n \"CVE-2020-13936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : velocity (EulerOS-SA-2021-2233)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the velocity package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An attacker that is able to modify Velocity templates\n may execute arbitrary Java code or run arbitrary system\n commands with the same privileges as the account\n running the Servlet container. This applies to\n applications that allow untrusted users to\n upload/modify velocity templates running Apache\n Velocity Engine versions up to 2.2(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2233\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f082ca00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected velocity package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"velocity-1.7-10.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:22:21", "description": "The version of velocity installed on the remote host is prior to 1.7-10.2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1690 advisory.\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2. (CVE-2020-13936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : velocity (ALAS-2021-1690)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-07-16T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:velocity", "p-cpe:/a:amazon:linux:velocity-demo", "p-cpe:/a:amazon:linux:velocity-javadoc", "p-cpe:/a:amazon:linux:velocity-manual", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1690.NASL", "href": "https://www.tenable.com/plugins/nessus/151798", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1690.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151798);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/16\");\n\n script_cve_id(\"CVE-2020-13936\");\n script_xref(name:\"ALAS\", value:\"2021-1690\");\n\n script_name(english:\"Amazon Linux 2 : velocity (ALAS-2021-1690)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of velocity installed on the remote host is prior to 1.7-10.2. It is, therefore, affected by a vulnerability\nas referenced in the ALAS2-2021-1690 advisory.\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary\n system commands with the same privileges as the account running the Servlet container. This applies to\n applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine\n versions up to 2.2. (CVE-2020-13936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1690.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update velocity' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:velocity-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:velocity-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:velocity-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'velocity-1.7-10.2.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'velocity-demo-1.7-10.2.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'velocity-javadoc-1.7-10.2.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'velocity-manual-1.7-10.2.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity / velocity-demo / velocity-javadoc / etc\");\n}", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:08:57", "description": "According to the version of the velocity package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : velocity (EulerOS-SA-2021-2437)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-09-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:velocity", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2437.NASL", "href": "https://www.tenable.com/plugins/nessus/153335", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153335);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/16\");\n\n script_cve_id(\n \"CVE-2020-13936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : velocity (EulerOS-SA-2021-2437)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the velocity package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An attacker that is able to modify Velocity templates\n may execute arbitrary Java code or run arbitrary system\n commands with the same privileges as the account\n running the Servlet container. This applies to\n applications that allow untrusted users to\n upload/modify velocity templates running Apache\n Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2437\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b8ef2cfa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected velocity package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"velocity-1.7-10.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:58:24", "description": "According to the version of the velocity package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : velocity (EulerOS-SA-2021-1858)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-05-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:velocity", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1858.NASL", "href": "https://www.tenable.com/plugins/nessus/149193", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149193);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/04\");\n\n script_cve_id(\n \"CVE-2020-13936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : velocity (EulerOS-SA-2021-1858)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the velocity package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An attacker that is able to modify Velocity templates\n may execute arbitrary Java code or run arbitrary system\n commands with the same privileges as the account\n running the Servlet container. This applies to\n applications that allow untrusted users to\n upload/modify velocity templates running Apache\n Velocity Engine versions up to 2.2.(CVE-2020-13936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1858\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09103746\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected velocity package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"velocity-1.7-10.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-07-12T14:48:16", "description": "It was discovered that there was a potential arbitrary code execution vulnerability in velocity, a Java-based template engine for writing web applications. It could be exploited by applications which allowed untrusted users to upload/modify templates.\n\nFor Debian 9 'Stretch', this problem has been fixed in version 1.7-5+deb9u1.\n\nWe recommend that you upgrade your velocity packages.\n\nFor the detailed security status of velocity please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/velocity\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-19T00:00:00", "type": "nessus", "title": "Debian DLA-2595-1 : velocity security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:velocity:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:velocity-doc:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-2595.NASL", "href": "https://www.tenable.com/plugins/nessus/147903", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2595-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(147903);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2020-13936\");\n\n script_name(english:\"Debian DLA-2595-1 : velocity security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that there was a potential arbitrary code execution\nvulnerability in velocity, a Java-based template engine for writing\nweb applications. It could be exploited by applications which allowed\nuntrusted users to upload/modify templates.\n\nFor Debian 9 'Stretch', this problem has been fixed in version\n1.7-5+deb9u1.\n\nWe recommend that you upgrade your velocity packages.\n\nFor the detailed security status of velocity please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/velocity\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/velocity\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/velocity\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected velocity, and velocity-doc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:velocity-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"velocity\", reference:\"1.7-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"velocity-doc\", reference:\"1.7-5+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9, "vector": "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:55:40", "description": "This update for velocity fixes the following issues :\n\n - CVE-2020-13936: Fixed an arbitrary code execution when attacker is able to modify templates (bsc#1183360).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : velocity (openSUSE-2021-447)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936"], "modified": "2021-03-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:velocity", "p-cpe:/a:novell:opensuse:velocity-demo", "p-cpe:/a:novell:opensuse:velocity-javadoc", "p-cpe:/a:novell:opensuse:velocity-manual", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-447.NASL", "href": "https://www.tenable.com/plugins/nessus/147927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-447.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(147927);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2020-13936\");\n\n script_name(english:\"openSUSE Security Update : velocity (openSUSE-2021-447)\");\n script_summary(english:\"Check for the openSUSE-2021-447 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for velocity fixes the following issues :\n\n - CVE-2020-13936: Fixed an arbitrary code execution when\n attacker is able to modify templates (bsc#1183360).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1183360\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected velocity packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:velocity-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:velocity-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:velocity-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"velocity-1.7-lp152.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"velocity-demo-1.7-lp152.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"velocity-javadoc-1.7-lp152.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"velocity-manual-1.7-lp152.5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"velocity / velocity-demo / velocity-javadoc / velocity-manual\");\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:51:52", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0722 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven36-httpcomponents-client (RHSA-2022:0722)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-03-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven36-httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:rh-maven36-httpcomponents-client-javadoc"], "id": "REDHAT-RHSA-2022-0722.NASL", "href": "https://www.tenable.com/plugins/nessus/158556", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0722. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158556);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/02\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"RHSA\", value:\"2022:0722\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n\n script_name(english:\"RHEL 7 : rh-maven36-httpcomponents-client (RHSA-2022:0722)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:0722 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven36-httpcomponents-client and / or rh-maven36-httpcomponents-client-javadoc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven36-httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven36-httpcomponents-client-javadoc\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_software_collections_1_el7': [\n 'rhel-server-rhscl-7-debug-rpms',\n 'rhel-server-rhscl-7-rpms',\n 'rhel-server-rhscl-7-source-rpms',\n 'rhel-workstation-rhscl-7-debug-rpms',\n 'rhel-workstation-rhscl-7-rpms',\n 'rhel-workstation-rhscl-7-source-rpms'\n ],\n 'rhel_software_collections_2_el7': [\n 'rhel-server-rhscl-7-debug-rpms',\n 'rhel-server-rhscl-7-eus-debug-rpms',\n 'rhel-server-rhscl-7-eus-rpms',\n 'rhel-server-rhscl-7-eus-source-rpms',\n 'rhel-server-rhscl-7-rpms',\n 'rhel-server-rhscl-7-source-rpms',\n 'rhel-workstation-rhscl-7-debug-rpms',\n 'rhel-workstation-rhscl-7-rpms',\n 'rhel-workstation-rhscl-7-source-rpms'\n ],\n 'rhel_software_collections_3_el7': [\n 'rhel-server-rhscl-7-debug-rpms',\n 'rhel-server-rhscl-7-eus-debug-rpms',\n 'rhel-server-rhscl-7-eus-rpms',\n 'rhel-server-rhscl-7-eus-source-rpms',\n 'rhel-server-rhscl-7-rpms',\n 'rhel-server-rhscl-7-source-rpms',\n 'rhel-workstation-rhscl-7-debug-rpms',\n 'rhel-workstation-rhscl-7-rpms',\n 'rhel-workstation-rhscl-7-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'rh-maven36-httpcomponents-client-4.5.9-1.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_software_collections_1_el7', 'rhel_software_collections_2_el7', 'rhel_software_collections_3_el7']},\n {'reference':'rh-maven36-httpcomponents-client-javadoc-4.5.9-1.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_software_collections_1_el7', 'rhel_software_collections_2_el7', 'rhel_software_collections_3_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven36-httpcomponents-client / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:56:44", "description": "The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1860 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : maven:3.6 (ALSA-2022:1860)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:alma:linux:aopalliance", "p-cpe:/a:alma:linux:apache-commons-cli", "p-cpe:/a:alma:linux:apache-commons-codec", "p-cpe:/a:alma:linux:apache-commons-io", "p-cpe:/a:alma:linux:apache-commons-lang3", "p-cpe:/a:alma:linux:atinject", "p-cpe:/a:alma:linux:cdi-api", "p-cpe:/a:alma:linux:geronimo-annotation", "p-cpe:/a:alma:linux:google-guice", "p-cpe:/a:alma:linux:guava", "p-cpe:/a:alma:linux:httpcomponents-client", "p-cpe:/a:alma:linux:httpcomponents-core", "p-cpe:/a:alma:linux:jansi", "p-cpe:/a:alma:linux:jcl-over-slf4j", "p-cpe:/a:alma:linux:jsoup", "p-cpe:/a:alma:linux:jsr-305", "p-cpe:/a:alma:linux:maven", "p-cpe:/a:alma:linux:maven-lib", "p-cpe:/a:alma:linux:maven-openjdk11", "p-cpe:/a:alma:linux:maven-openjdk17", "p-cpe:/a:alma:linux:maven-openjdk8", "p-cpe:/a:alma:linux:maven-resolver", "p-cpe:/a:alma:linux:maven-shared-utils", "p-cpe:/a:alma:linux:maven-wagon", "p-cpe:/a:alma:linux:plexus-cipher", "p-cpe:/a:alma:linux:plexus-classworlds", "p-cpe:/a:alma:linux:plexus-containers-component-annotations", "p-cpe:/a:alma:linux:plexus-interpolation", "p-cpe:/a:alma:linux:plexus-sec-dispatcher", "p-cpe:/a:alma:linux:plexus-utils", "p-cpe:/a:alma:linux:sisu", "p-cpe:/a:alma:linux:slf4j", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/161090", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:1860.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161090);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"ALSA\", value:\"2022:1860\");\n\n script_name(english:\"AlmaLinux 8 : maven:3.6 (ALSA-2022:1860)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the\nALSA-2022:1860 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority\n component in request URIs passed to the library as java.net.URI object and pick the wrong target host for\n request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-1860.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:guava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jsr-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-openjdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-openjdk17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-openjdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sisu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/maven');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.6');\nif ('3.6' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module maven:' + module_ver);\n\nvar appstreams = {\n 'maven:3.6': [\n {'reference':'aopalliance-1.0-20.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-cli-1.4-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-codec-1.13-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-io-2.6-6.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'apache-commons-lang3-3.9-4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atinject-1-31.20100611svn86.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cdi-api-2.0.1-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geronimo-annotation-1.0-26.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'google-guice-4.2.2-4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'guava-28.1-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-client-4.5.10-4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-core-4.4.12-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-1.18-4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jcl-over-slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsoup-1.12.1-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsr-305-0-0.25.20130910svn.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-3.6.2-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-lib-3.6.2-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk11-3.6.2-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk17-3.6.2-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk8-3.6.2-7.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-1.4.1-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-shared-utils-3.2.1-0.4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-3.3.4-2.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-cipher-1.7-17.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-classworlds-2.6.0-4.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-containers-component-annotations-2.1.0-2.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-interpolation-1.26-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-sec-dispatcher-1.4-29.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-utils-3.3.0-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sisu-0.3.4-2.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.6');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:56:45", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1860 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "CentOS 8 : maven:3.6 (CESA-2022:1860)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:guava", "p-cpe:/a:centos:centos:httpcomponents-client", "p-cpe:/a:centos:centos:maven", "p-cpe:/a:centos:centos:maven-lib", "p-cpe:/a:centos:centos:maven-openjdk11", "p-cpe:/a:centos:centos:maven-openjdk17", "p-cpe:/a:centos:centos:maven-openjdk8"], "id": "CENTOS8_RHSA-2022-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/160969", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:1860. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160969);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"RHSA\", value:\"2022:1860\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n\n script_name(english:\"CentOS 8 : maven:3.6 (CESA-2022:1860)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2022:1860 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1860\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:guava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:maven-openjdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:maven-openjdk17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:maven-openjdk8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'guava-28.1-3.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-client-4.5.10-4.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-3.6.2-7.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-lib-3.6.2-7.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk11-3.6.2-7.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk17-3.6.2-7.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk8-3.6.2-7.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'guava / httpcomponents-client / maven / maven-lib / maven-openjdk11 / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:56:45", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1861 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-11T00:00:00", "type": "nessus", "title": "RHEL 8 : maven:3.5 (RHSA-2022:1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:aopalliance", "p-cpe:/a:redhat:enterprise_linux:apache-commons-cli", "p-cpe:/a:redhat:enterprise_linux:apache-commons-codec", "p-cpe:/a:redhat:enterprise_linux:apache-commons-io", "p-cpe:/a:redhat:enterprise_linux:apache-commons-lang3", "p-cpe:/a:redhat:enterprise_linux:apache-commons-logging", "p-cpe:/a:redhat:enterprise_linux:atinject", "p-cpe:/a:redhat:enterprise_linux:cdi-api", "p-cpe:/a:redhat:enterprise_linux:geronimo-annotation", "p-cpe:/a:redhat:enterprise_linux:glassfish-el-api", "p-cpe:/a:redhat:enterprise_linux:google-guice", "p-cpe:/a:redhat:enterprise_linux:guava20", "p-cpe:/a:redhat:enterprise_linux:hawtjni-runtime", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-core", "p-cpe:/a:redhat:enterprise_linux:jansi", "p-cpe:/a:redhat:enterprise_linux:jansi-native", "p-cpe:/a:redhat:enterprise_linux:jboss-interceptors-1.2-api", "p-cpe:/a:redhat:enterprise_linux:jcl-over-slf4j", "p-cpe:/a:redhat:enterprise_linux:jsoup", "p-cpe:/a:redhat:enterprise_linux:maven", "p-cpe:/a:redhat:enterprise_linux:maven-lib", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-api", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-connector-basic", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-impl", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-spi", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-transport-wagon", "p-cpe:/a:redhat:enterprise_linux:maven-resolver-util", "p-cpe:/a:redhat:enterprise_linux:maven-shared-utils", "p-cpe:/a:redhat:enterprise_linux:maven-wagon-file", "p-cpe:/a:redhat:enterprise_linux:maven-wagon-http", "p-cpe:/a:redhat:enterprise_linux:maven-wagon-http-shared", "p-cpe:/a:redhat:enterprise_linux:maven-wagon-provider-api", "p-cpe:/a:redhat:enterprise_linux:plexus-cipher", "p-cpe:/a:redhat:enterprise_linux:plexus-classworlds", "p-cpe:/a:redhat:enterprise_linux:plexus-containers-component-annotations", "p-cpe:/a:redhat:enterprise_linux:plexus-interpolation", "p-cpe:/a:redhat:enterprise_linux:plexus-sec-dispatcher", "p-cpe:/a:redhat:enterprise_linux:plexus-utils", "p-cpe:/a:redhat:enterprise_linux:sisu-inject", "p-cpe:/a:redhat:enterprise_linux:sisu-plexus", "p-cpe:/a:redhat:enterprise_linux:slf4j"], "id": "REDHAT-RHSA-2022-1861.NASL", "href": "https://www.tenable.com/plugins/nessus/161018", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1861. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161018);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"RHSA\", value:\"2022:1861\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n\n script_name(english:\"RHEL 8 : maven:3.5 (RHSA-2022:1861)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:1861 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-el-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:guava20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hawtjni-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jansi-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-interceptors-1.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-connector-basic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-transport-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-wagon-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-wagon-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-wagon-http-shared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-wagon-provider-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sisu-inject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sisu-plexus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slf4j\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_6'\n ],\n 'rhel_aus_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_6_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_6_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_6_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_realtime': [\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-rt-tus-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms__8_DOT_6'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar pkgs = [\n {'reference':'aopalliance-1.0-17.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-cli-1.4-4.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-codec-1.11-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-io-2.6-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-logging-1.2-13.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'atinject-1-28.20100611svn86.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'cdi-api-1.2-8.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'geronimo-annotation-1.0-23.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'glassfish-el-api-3.0.1-0.7.b08.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'google-guice-4.1-11.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'guava20-20.0-8.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'hawtjni-runtime-1.16-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'httpcomponents-client-4.5.5-5.module+el8.6.0+13298+7b5243c0', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jansi-1.17.1-1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jansi-native-1.7-7.module+el8+2452+b359bfcd', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jansi-native-1.7-7.module+el8+2452+b359bfcd', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jansi-native-1.7-7.module+el8+2452+b359bfcd', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jcl-over-slf4j-1.7.25-4.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jsoup-1.11.3-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-3.5.4-5.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-lib-3.5.4-5.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-api-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-connector-basic-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-impl-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-spi-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-transport-wagon-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-util-1.1.1-2.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-shared-utils-3.2.1-0.1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-wagon-file-3.1.0-1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-wagon-http-3.1.0-1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-wagon-http-shared-3.1.0-1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-wagon-provider-api-3.1.0-1.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-cipher-1.7-14.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-containers-component-annotations-1.7.1-8.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-interpolation-1.22-9.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-utils-3.1.0-3.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'sisu-inject-0.3.3-6.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'sisu-plexus-0.3.3-6.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'slf4j-1.7.25-4.module+el8+2452+b359bfcd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:56:46", "description": "The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:1861 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "CentOS 8 : maven:3.5 (CESA-2022:1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:httpcomponents-client"], "id": "CENTOS8_RHSA-2022-1861.NASL", "href": "https://www.tenable.com/plugins/nessus/160900", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:1861. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160900);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"RHSA\", value:\"2022:1861\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n\n script_name(english:\"CentOS 8 : maven:3.5 (CESA-2022:1861)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the\nCESA-2022:1861 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1861\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpcomponents-client package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpcomponents-client\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'httpcomponents-client-4.5.5-5.module_el8.6.0', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpcomponents-client');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:56:47", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1860 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : maven:3.6 (ELSA-2022-1860)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:aopalliance", "p-cpe:/a:oracle:linux:apache-commons-cli", "p-cpe:/a:oracle:linux:apache-commons-codec", "p-cpe:/a:oracle:linux:apache-commons-io", "p-cpe:/a:oracle:linux:apache-commons-lang3", "p-cpe:/a:oracle:linux:atinject", "p-cpe:/a:oracle:linux:cdi-api", "p-cpe:/a:oracle:linux:geronimo-annotation", "p-cpe:/a:oracle:linux:google-guice", "p-cpe:/a:oracle:linux:guava", "p-cpe:/a:oracle:linux:httpcomponents-client", "p-cpe:/a:oracle:linux:httpcomponents-core", "p-cpe:/a:oracle:linux:jansi", "p-cpe:/a:oracle:linux:jcl-over-slf4j", "p-cpe:/a:oracle:linux:jsoup", "p-cpe:/a:oracle:linux:jsr-305", "p-cpe:/a:oracle:linux:maven", "p-cpe:/a:oracle:linux:maven-lib", "p-cpe:/a:oracle:linux:maven-openjdk11", "p-cpe:/a:oracle:linux:maven-openjdk17", "p-cpe:/a:oracle:linux:maven-openjdk8", "p-cpe:/a:oracle:linux:maven-resolver", "p-cpe:/a:oracle:linux:maven-shared-utils", "p-cpe:/a:oracle:linux:maven-wagon", "p-cpe:/a:oracle:linux:plexus-cipher", "p-cpe:/a:oracle:linux:plexus-classworlds", "p-cpe:/a:oracle:linux:plexus-containers-component-annotations", "p-cpe:/a:oracle:linux:plexus-interpolation", "p-cpe:/a:oracle:linux:plexus-sec-dispatcher", "p-cpe:/a:oracle:linux:plexus-utils", "p-cpe:/a:oracle:linux:sisu", "p-cpe:/a:oracle:linux:slf4j"], "id": "ORACLELINUX_ELSA-2022-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/161321", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-1860.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161321);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2020-13956\");\n\n script_name(english:\"Oracle Linux 8 : maven:3.6 (ELSA-2022-1860)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-1860 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority\n component in request URIs passed to the library as java.net.URI object and pick the wrong target host for\n request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-1860.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:guava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jsr-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-openjdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-openjdk17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-openjdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sisu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slf4j\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/maven');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.6');\nif ('3.6' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module maven:' + module_ver);\n\nvar appstreams = {\n 'maven:3.6': [\n {'reference':'aopalliance-1.0-20.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-cli-1.4-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-codec-1.13-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-io-2.6-6.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'apache-commons-lang3-3.9-4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atinject-1-31.20100611svn86.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cdi-api-2.0.1-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geronimo-annotation-1.0-26.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'google-guice-4.2.2-4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'guava-28.1-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-client-4.5.10-4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-core-4.4.12-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-1.18-4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jcl-over-slf4j-1.7.28-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsoup-1.12.1-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsr-305-0-0.25.20130910svn.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-3.6.2-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-lib-3.6.2-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk11-3.6.2-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk17-3.6.2-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-openjdk8-3.6.2-7.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-1.4.1-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-shared-utils-3.2.1-0.4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-3.3.4-2.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-cipher-1.7-17.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-classworlds-2.6.0-4.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-containers-component-annotations-2.1.0-2.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-interpolation-1.26-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-sec-dispatcher-1.4-29.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-utils-3.3.0-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sisu-0.3.4-2.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-1.7.28-3.module+el8.6.0+20615+edd0bff8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.6');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:57:17", "description": "The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1861 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : maven:3.5 (ALSA-2022:1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:alma:linux:aopalliance", "p-cpe:/a:alma:linux:apache-commons-cli", "p-cpe:/a:alma:linux:apache-commons-codec", "p-cpe:/a:alma:linux:apache-commons-io", "p-cpe:/a:alma:linux:apache-commons-lang3", "p-cpe:/a:alma:linux:apache-commons-logging", "p-cpe:/a:alma:linux:atinject", "p-cpe:/a:alma:linux:cdi-api", "p-cpe:/a:alma:linux:geronimo-annotation", "p-cpe:/a:alma:linux:glassfish-el-api", "p-cpe:/a:alma:linux:google-guice", "p-cpe:/a:alma:linux:guava20", "p-cpe:/a:alma:linux:hawtjni-runtime", "p-cpe:/a:alma:linux:httpcomponents-client", "p-cpe:/a:alma:linux:httpcomponents-core", "p-cpe:/a:alma:linux:jansi", "p-cpe:/a:alma:linux:jansi-native", "p-cpe:/a:alma:linux:jboss-interceptors-1.2-api", "p-cpe:/a:alma:linux:jcl-over-slf4j", "p-cpe:/a:alma:linux:jsoup", "p-cpe:/a:alma:linux:maven", "p-cpe:/a:alma:linux:maven-lib", "p-cpe:/a:alma:linux:maven-resolver-api", "p-cpe:/a:alma:linux:maven-resolver-connector-basic", "p-cpe:/a:alma:linux:maven-resolver-impl", "p-cpe:/a:alma:linux:maven-resolver-spi", "p-cpe:/a:alma:linux:maven-resolver-transport-wagon", "p-cpe:/a:alma:linux:maven-resolver-util", "p-cpe:/a:alma:linux:maven-shared-utils", "p-cpe:/a:alma:linux:maven-wagon-file", "p-cpe:/a:alma:linux:maven-wagon-http", "p-cpe:/a:alma:linux:maven-wagon-http-shared", "p-cpe:/a:alma:linux:maven-wagon-provider-api", "p-cpe:/a:alma:linux:plexus-cipher", "p-cpe:/a:alma:linux:plexus-classworlds", "p-cpe:/a:alma:linux:plexus-containers-component-annotations", "p-cpe:/a:alma:linux:plexus-interpolation", "p-cpe:/a:alma:linux:plexus-sec-dispatcher", "p-cpe:/a:alma:linux:plexus-utils", "p-cpe:/a:alma:linux:sisu-inject", "p-cpe:/a:alma:linux:sisu-plexus", "p-cpe:/a:alma:linux:slf4j", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-1861.NASL", "href": "https://www.tenable.com/plugins/nessus/161099", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:1861.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161099);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"ALSA\", value:\"2022:1861\");\n\n script_name(english:\"AlmaLinux 8 : maven:3.5 (ALSA-2022:1861)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the\nALSA-2022:1861 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority\n component in request URIs passed to the library as java.net.URI object and pick the wrong target host for\n request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-1861.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:apache-commons-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glassfish-el-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:guava20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:hawtjni-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jansi-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jboss-interceptors-1.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-connector-basic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-transport-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-resolver-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-wagon-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-wagon-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-wagon-http-shared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:maven-wagon-provider-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sisu-inject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sisu-plexus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/maven');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.5');\nif ('3.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module maven:' + module_ver);\n\nvar appstreams = {\n 'maven:3.5': [\n {'reference':'aopalliance-1.0-17.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-cli-1.4-4.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-codec-1.11-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-io-2.6-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'apache-commons-lang3-3.7-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-logging-1.2-13.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atinject-1-28.20100611svn86.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cdi-api-1.2-8.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geronimo-annotation-1.0-23.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-el-api-3.0.1-0.7.b08.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'google-guice-4.1-11.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'guava20-20.0-8.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hawtjni-runtime-1.16-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-client-4.5.5-5.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-core-4.4.10-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-1.17.1-1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jboss-interceptors-1.2-api-1.0.0-8.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jcl-over-slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsoup-1.11.3-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-3.5.4-5.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-lib-3.5.4-5.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-api-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-connector-basic-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-impl-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-spi-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-transport-wagon-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-util-1.1.1-2.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-shared-utils-3.2.1-0.1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-file-3.1.0-1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-http-3.1.0-1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-http-shared-3.1.0-1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-provider-api-3.1.0-1.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-cipher-1.7-14.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-classworlds-2.5.2-9.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-containers-component-annotations-1.7.1-8.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-interpolation-1.22-9.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-sec-dispatcher-1.4-26.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-utils-3.1.0-3.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sisu-inject-0.3.3-6.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sisu-plexus-0.3.3-6.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.5');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:57:51", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1861 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : maven:3.5 (ELSA-2022-1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:aopalliance", "p-cpe:/a:oracle:linux:apache-commons-cli", "p-cpe:/a:oracle:linux:apache-commons-codec", "p-cpe:/a:oracle:linux:apache-commons-io", "p-cpe:/a:oracle:linux:apache-commons-lang3", "p-cpe:/a:oracle:linux:apache-commons-logging", "p-cpe:/a:oracle:linux:atinject", "p-cpe:/a:oracle:linux:cdi-api", "p-cpe:/a:oracle:linux:geronimo-annotation", "p-cpe:/a:oracle:linux:glassfish-el-api", "p-cpe:/a:oracle:linux:google-guice", "p-cpe:/a:oracle:linux:guava20", "p-cpe:/a:oracle:linux:hawtjni-runtime", "p-cpe:/a:oracle:linux:httpcomponents-client", "p-cpe:/a:oracle:linux:httpcomponents-core", "p-cpe:/a:oracle:linux:jansi", "p-cpe:/a:oracle:linux:jansi-native", "p-cpe:/a:oracle:linux:jboss-interceptors-1.2-api", "p-cpe:/a:oracle:linux:jcl-over-slf4j", "p-cpe:/a:oracle:linux:jsoup", "p-cpe:/a:oracle:linux:maven", "p-cpe:/a:oracle:linux:maven-lib", "p-cpe:/a:oracle:linux:maven-resolver-api", "p-cpe:/a:oracle:linux:maven-resolver-connector-basic", "p-cpe:/a:oracle:linux:maven-resolver-impl", "p-cpe:/a:oracle:linux:maven-resolver-spi", "p-cpe:/a:oracle:linux:maven-resolver-transport-wagon", "p-cpe:/a:oracle:linux:maven-resolver-util", "p-cpe:/a:oracle:linux:maven-shared-utils", "p-cpe:/a:oracle:linux:maven-wagon-file", "p-cpe:/a:oracle:linux:maven-wagon-http", "p-cpe:/a:oracle:linux:maven-wagon-http-shared", "p-cpe:/a:oracle:linux:maven-wagon-provider-api", "p-cpe:/a:oracle:linux:plexus-cipher", "p-cpe:/a:oracle:linux:plexus-classworlds", "p-cpe:/a:oracle:linux:plexus-containers-component-annotations", "p-cpe:/a:oracle:linux:plexus-interpolation", "p-cpe:/a:oracle:linux:plexus-sec-dispatcher", "p-cpe:/a:oracle:linux:plexus-utils", "p-cpe:/a:oracle:linux:sisu-inject", "p-cpe:/a:oracle:linux:sisu-plexus", "p-cpe:/a:oracle:linux:slf4j"], "id": "ORACLELINUX_ELSA-2022-1861.NASL", "href": "https://www.tenable.com/plugins/nessus/161296", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-1861.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161296);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2020-13956\");\n\n script_name(english:\"Oracle Linux 8 : maven:3.5 (ELSA-2022-1861)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-1861 advisory.\n\n - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority\n component in request URIs passed to the library as java.net.URI object and pick the wrong target host for\n request execution. (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-1861.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-el-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:guava20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hawtjni-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jansi-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jboss-interceptors-1.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-connector-basic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-transport-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-resolver-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-wagon-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-wagon-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-wagon-http-shared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:maven-wagon-provider-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sisu-inject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sisu-plexus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slf4j\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/maven');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.5');\nif ('3.5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module maven:' + module_ver);\n\nvar appstreams = {\n 'maven:3.5': [\n {'reference':'aopalliance-1.0-17.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-cli-1.4-4.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-codec-1.11-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-io-2.6-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'apache-commons-lang3-3.7-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-logging-1.2-13.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atinject-1-28.20100611svn86.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cdi-api-1.2-8.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geronimo-annotation-1.0-23.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-el-api-3.0.1-0.7.b08.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'google-guice-4.1-11.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'guava20-20.0-8.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hawtjni-runtime-1.16-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-client-4.5.5-5.module+el8.6.0+20537+63b96daa', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpcomponents-core-4.4.10-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-1.17.1-1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-native-1.7-7.module+el8+5161+5cac467c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jansi-native-1.7-7.module+el8+5161+5cac467c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jboss-interceptors-1.2-api-1.0.0-8.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jcl-over-slf4j-1.7.25-4.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jsoup-1.11.3-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-3.5.4-5.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-lib-3.5.4-5.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-api-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-connector-basic-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-impl-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-spi-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-transport-wagon-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-resolver-util-1.1.1-2.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'maven-shared-utils-3.2.1-0.1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-file-3.1.0-1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-http-3.1.0-1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-http-shared-3.1.0-1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'maven-wagon-provider-api-3.1.0-1.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-cipher-1.7-14.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-classworlds-2.5.2-9.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-containers-component-annotations-1.7.1-8.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-interpolation-1.22-9.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-sec-dispatcher-1.4-26.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plexus-utils-3.1.0-3.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sisu-inject-0.3.3-6.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sisu-plexus-0.3.3-6.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slf4j-1.7.25-4.module+el8+5161+5cac467c', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module maven:3.5');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T15:55:40", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1860 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2022-05-11T00:00:00", "type": "nessus", "title": "RHEL 8 : maven:3.6 (RHSA-2022:1860)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:aopalliance", "p-cpe:/a:redhat:enterprise_linux:apache-commons-cli", "p-cpe:/a:redhat:enterprise_linux:apache-commons-codec", "p-cpe:/a:redhat:enterprise_linux:apache-commons-io", "p-cpe:/a:redhat:enterprise_linux:apache-commons-lang3", "p-cpe:/a:redhat:enterprise_linux:atinject", "p-cpe:/a:redhat:enterprise_linux:cdi-api", "p-cpe:/a:redhat:enterprise_linux:geronimo-annotation", "p-cpe:/a:redhat:enterprise_linux:google-guice", "p-cpe:/a:redhat:enterprise_linux:guava", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-core", "p-cpe:/a:redhat:enterprise_linux:jansi", "p-cpe:/a:redhat:enterprise_linux:jcl-over-slf4j", "p-cpe:/a:redhat:enterprise_linux:jsoup", "p-cpe:/a:redhat:enterprise_linux:jsr-305", "p-cpe:/a:redhat:enterprise_linux:maven", "p-cpe:/a:redhat:enterprise_linux:maven-lib", "p-cpe:/a:redhat:enterprise_linux:maven-openjdk11", "p-cpe:/a:redhat:enterprise_linux:maven-openjdk17", "p-cpe:/a:redhat:enterprise_linux:maven-openjdk8", "p-cpe:/a:redhat:enterprise_linux:maven-resolver", "p-cpe:/a:redhat:enterprise_linux:maven-shared-utils", "p-cpe:/a:redhat:enterprise_linux:maven-wagon", "p-cpe:/a:redhat:enterprise_linux:plexus-cipher", "p-cpe:/a:redhat:enterprise_linux:plexus-classworlds", "p-cpe:/a:redhat:enterprise_linux:plexus-containers-component-annotations", "p-cpe:/a:redhat:enterprise_linux:plexus-interpolation", "p-cpe:/a:redhat:enterprise_linux:plexus-sec-dispatcher", "p-cpe:/a:redhat:enterprise_linux:plexus-utils", "p-cpe:/a:redhat:enterprise_linux:sisu", "p-cpe:/a:redhat:enterprise_linux:slf4j"], "id": "REDHAT-RHSA-2022-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/161010", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1860. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161010);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"RHSA\", value:\"2022:1860\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n\n script_name(english:\"RHEL 8 : maven:3.6 (RHSA-2022:1860)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:1860 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aopalliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-codec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-lang3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atinject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cdi-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:geronimo-annotation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:google-guice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:guava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jcl-over-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jsr-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-openjdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-openjdk17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-openjdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-shared-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:maven-wagon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-cipher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-classworlds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-containers-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-interpolation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-sec-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:plexus-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sisu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slf4j\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_6'\n ],\n 'rhel_aus_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_e4s_8_6_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_6_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_6_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_6',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_6_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_eus_8_6_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_6'\n ],\n 'rhel_tus_8_6_realtime': [\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms__8_DOT_6',\n 'rhel-8-for-x86_64-rt-tus-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms__8_DOT_6'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar pkgs = [\n {'reference':'aopalliance-1.0-20.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-cli-1.4-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-codec-1.13-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-io-2.6-6.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'apache-commons-lang3-3.9-4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'atinject-1-31.20100611svn86.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'cdi-api-2.0.1-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'geronimo-annotation-1.0-26.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'google-guice-4.2.2-4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'guava-28.1-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'httpcomponents-client-4.5.10-4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'httpcomponents-core-4.4.12-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jansi-1.18-4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jcl-over-slf4j-1.7.28-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jsoup-1.12.1-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'jsr-305-0-0.25.20130910svn.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-3.6.2-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-lib-3.6.2-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-openjdk11-3.6.2-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-openjdk17-3.6.2-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-openjdk8-3.6.2-7.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-resolver-1.4.1-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-shared-utils-3.2.1-0.4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'maven-wagon-3.3.4-2.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-cipher-1.7-17.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-classworlds-2.6.0-4.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-containers-component-annotations-2.1.0-2.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-interpolation-1.26-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-sec-dispatcher-1.4-29.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'plexus-utils-3.3.0-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'sisu-0.3.4-2.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']},\n {'reference':'slf4j-1.7.28-3.module+el8.6.0+13337+afcb49ec', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_6_appstream', 'rhel_aus_8_6_baseos', 'rhel_e4s_8_6_appstream', 'rhel_e4s_8_6_baseos', 'rhel_e4s_8_6_highavailability', 'rhel_e4s_8_6_sap', 'rhel_e4s_8_6_sap_hana', 'rhel_eus_8_6_appstream', 'rhel_eus_8_6_baseos', 'rhel_eus_8_6_crb', 'rhel_eus_8_6_highavailability', 'rhel_eus_8_6_resilientstorage', 'rhel_eus_8_6_sap', 'rhel_eus_8_6_sap_hana', 'rhel_eus_8_6_supplementary', 'rhel_tus_8_6_appstream', 'rhel_tus_8_6_baseos', 'rhel_tus_8_6_highavailability', 'rhel_tus_8_6_realtime']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aopalliance / apache-commons-cli / apache-commons-codec / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-16T15:33:39", "description": "Oleg Kalnichevski discovered that httpcomponents-client, a Java library for building HTTP-aware applications, can misinterpret a malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\n\nFor Debian 9 stretch, this problem has been fixed in version 4.5.2-2+deb9u1.\n\nWe recommend that you upgrade your httpcomponents-client packages.\n\nFor the detailed security status of httpcomponents-client please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/httpcomponents-client\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2020-10-12T00:00:00", "type": "nessus", "title": "Debian DLA-2405-1 : httpcomponents-client security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libhttpclient-java", "p-cpe:/a:debian:debian_linux:libhttpmime-java", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2405.NASL", "href": "https://www.tenable.com/plugins/nessus/141389", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2405-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141389);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/09\");\n\n script_cve_id(\"CVE-2020-13956\");\n\n script_name(english:\"Debian DLA-2405-1 : httpcomponents-client security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Oleg Kalnichevski discovered that httpcomponents-client, a Java\nlibrary for building HTTP-aware applications, can misinterpret a\nmalformed authority component in request URIs passed to the library as\njava.net.URI object and pick the wrong target host for request\nexecution.\n\nFor Debian 9 stretch, this problem has been fixed in version\n4.5.2-2+deb9u1.\n\nWe recommend that you upgrade your httpcomponents-client packages.\n\nFor the detailed security status of httpcomponents-client please refer\nto its security tracker page at:\nhttps://security-tracker.debian.org/tracker/httpcomponents-client\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/10/msg00017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/httpcomponents-client\"\n );\n # https://security-tracker.debian.org/tracker/source-package/httpcomponents-client\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8b769c2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libhttpclient-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libhttpmime-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libhttpclient-java\", reference:\"4.5.2-2+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libhttpmime-java\", reference:\"4.5.2-2+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-16T15:32:21", "description": "Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2020-10-15T00:00:00", "type": "nessus", "title": "Debian DSA-4772-1 : httpcomponents-client - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:httpcomponents-client", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4772.NASL", "href": "https://www.tenable.com/plugins/nessus/141464", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4772. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141464);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/09\");\n\n script_cve_id(\"CVE-2020-13956\");\n script_xref(name:\"DSA\", value:\"4772\");\n\n script_name(english:\"Debian DSA-4772-1 : httpcomponents-client - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent\nimplementation, could misinterpret malformed authority component in a\nrequest URI and pick the wrong target host for request execution.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/httpcomponents-client\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8b769c2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/httpcomponents-client\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4772\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the httpcomponents-client packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.5.7-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libhttpclient-java\", reference:\"4.5.7-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libhttpmime-java\", reference:\"4.5.7-1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-17T14:53:52", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1186 advisory.\n\n - nodejs-bootstrap-select: not escaping title values on may lead to XSS (CVE-2019-20921)\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2021-04-15T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, bug fix, enhance (Moderate) (RHSA-2021:1186)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-20921", "CVE-2020-28458"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions"], "id": "REDHAT-RHSA-2021-1186.NASL", "href": "https://www.tenable.com/plugins/nessus/148566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1186. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148566);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2019-20921\", \"CVE-2020-28458\");\n script_xref(name:\"RHSA\", value:\"2021:1186\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, bug fix, enhance (Moderate) (RHSA-2021:1186)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1186 advisory.\n\n - nodejs-bootstrap-select: not escaping title values on may lead to XSS (CVE-2019-20921)\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1882273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1908441\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ovirt-engine-ui-extensions package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-28458\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhev_manager_4_4_el8': [\n 'rhv-4.4-manager-for-rhel-8-x86_64-debug-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'ovirt-engine-ui-extensions-1.2.5-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine-ui-extensions');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-12T15:13:31", "description": "The Apache Maven project reports :\n\nWe received a report from Jonathan Leitschuh about a vulnerability of custom repositories in dependency POMs. We've split this up into three separate issues :\n\n- Possible Man-In-The-Middle-Attack due to custom repositories using HTTP.\n\nMore and more repositories use HTTPS nowadays, but this hasn't always been the case. This means that Maven Central contains POMs with custom repositories that refer to a URL over HTTP. This makes downloads via such repository a target for a MITM attack. At the same time, developers are probably not aware that for some downloads an insecure URL is being used. Because uploaded POMs to Maven Central are immutable, a change for Maven was required. To solve this, we extended the mirror configuration with blocked parameter, and we added a new external:http:* mirror selector (like existing external:*), meaning 'any external URL using HTTP'.\n\nThe decision was made to block such external HTTP repositories by default : this is done by providing a mirror in the conf/settings.xml blocking insecure HTTP external URLs.\n\n- Possible Domain Hijacking due to custom repositories using abandoned domains\n\nSonatype has analyzed which domains were abandoned and has claimed these domains.\n\n- Possible hijacking of downloads by redirecting to custom repositories\n\nThis one was the hardest to analyze and explain. The short story is :\nyou're safe, dependencies are only downloaded from repositories within their context. So there are two main questions: what is the context and what is the order? The order is described on the Repository Order page. The first group of repositories are defined in the settings.xml (both user and global). The second group of repositories are based on inheritence, with ultimately the super POM containing the URL to Maven Central. The third group is the most complex one but is important to understand the term context: repositories from the effective POMs from the dependency path to the artifact. So if a dependency was defined by another dependency or by a Maven project, it will also include their repositories. In the end this is not a bug, but a design feature.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "FreeBSD : Apache Maven -- multiple vulnerabilities (20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956", "CVE-2021-26291"], "modified": "2021-05-07T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:maven", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_20006B5FA0BC11EB8AE6FC4DD43E2B6A.NASL", "href": "https://www.tenable.com/plugins/nessus/148748", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148748);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/07\");\n\n script_cve_id(\"CVE-2020-13956\", \"CVE-2021-26291\");\n\n script_name(english:\"FreeBSD : Apache Maven -- multiple vulnerabilities (20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Apache Maven project reports :\n\nWe received a report from Jonathan Leitschuh about a vulnerability of\ncustom repositories in dependency POMs. We've split this up into three\nseparate issues :\n\n- Possible Man-In-The-Middle-Attack due to custom repositories using\nHTTP.\n\nMore and more repositories use HTTPS nowadays, but this hasn't always\nbeen the case. This means that Maven Central contains POMs with custom\nrepositories that refer to a URL over HTTP. This makes downloads via\nsuch repository a target for a MITM attack. At the same time,\ndevelopers are probably not aware that for some downloads an insecure\nURL is being used. Because uploaded POMs to Maven Central are\nimmutable, a change for Maven was required. To solve this, we extended\nthe mirror configuration with blocked parameter, and we added a new\nexternal:http:* mirror selector (like existing external:*), meaning\n'any external URL using HTTP'.\n\nThe decision was made to block such external HTTP repositories by\ndefault : this is done by providing a mirror in the conf/settings.xml\nblocking insecure HTTP external URLs.\n\n- Possible Domain Hijacking due to custom repositories using abandoned\ndomains\n\nSonatype has analyzed which domains were abandoned and has claimed\nthese domains.\n\n- Possible hijacking of downloads by redirecting to custom\nrepositories\n\nThis one was the hardest to analyze and explain. The short story is :\nyou're safe, dependencies are only downloaded from repositories within\ntheir context. So there are two main questions: what is the context\nand what is the order? The order is described on the Repository Order\npage. The first group of repositories are defined in the settings.xml\n(both user and global). The second group of repositories are based on\ninheritence, with ultimately the super POM containing the URL to Maven\nCentral. The third group is the most complex one but is important to\nunderstand the term context: repositories from the effective POMs from\nthe dependency path to the artifact. So if a dependency was defined by\nanother dependency or by a Maven project, it will also include their\nrepositories. In the end this is not a bug, but a design feature.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291\"\n );\n # https://vuxml.freebsd.org/freebsd/20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db7a98a5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26291\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"maven<3.8.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-16T15:00:54", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2047 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-05-21T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 7 (Moderate) (RHSA-2021:2047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2021-21290", "CVE-2021-21295"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes", "p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2", "p-cpe:/a:redhat:enterprise_linux:eap7-yasson"], "id": "REDHAT-RHSA-2021-2047.NASL", "href": "https://www.tenable.com/plugins/nessus/149841", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2047. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149841);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2020-13936\", \"CVE-2021-21290\", \"CVE-2021-21295\");\n script_xref(name:\"RHSA\", value:\"2021:2047\");\n\n script_name(english:\"RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 7 (Moderate) (RHSA-2021:2047)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2047 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/77.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1927028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937440\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 94, 200, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-yasson\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el7': [\n 'jb-eap-7.3-for-rhel-7-server-debug-rpms',\n 'jb-eap-7.3-for-rhel-7-server-rpms',\n 'jb-eap-7.3-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-artemis-wildfly-integration-1.0.4-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-bouncycastle-1.68.0-2.redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-bouncycastle-mail-1.68.0-2.redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-bouncycastle-pkix-1.68.0-2.redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-bouncycastle-prov-1.68.0-2.redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hal-console-3.2.14-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-cachestore-jdbc-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-cachestore-remote-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-client-hotrod-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-commons-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-core-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-commons-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-spi-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-v53-9.4.22-3.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-common-api-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-common-impl-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-common-spi-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-core-api-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-core-impl-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-deployers-common-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-jdbc-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-ironjacamar-validator-1.4.30-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-genericjms-2.0.9-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-marshalling-2.0.11-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-marshalling-river-2.0.11-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-6.Final_redhat_00007.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-weld-3.1-api-3.1.0-6.SP3_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-api-3.1.0-6.SP3_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-spi-3.1.0-6.SP3_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jgroups-kubernetes-1.0.16-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-mod_cluster-1.4.3-2.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-netty-4.1.60-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-netty-all-4.1.60-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-atom-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-cdi-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-client-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-crypto-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jaxrs-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jsapi-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-rxjava2-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-spring-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-undertow-2.0.35-1.SP1_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-velocity-2.3.0-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-velocity-engine-core-2.3.0-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-core-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-core-impl-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-core-jsf-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-ejb-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-jta-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-probe-core-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-weld-web-3.1.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-7.3.7-1.GA_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-elytron-1.10.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-client-common-1.0.26-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.26-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.26-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.26-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-java-jdk11-7.3.7-1.GA_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-java-jdk8-7.3.7-1.GA_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-javadocs-7.3.7-1.GA_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-modules-7.3.7-1.GA_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-xalan-j2-2.7.1-36.redhat_00013.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-yasson-1.0.9-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-artemis-wildfly-integration / eap7-bouncycastle / etc');\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T15:01:18", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2048 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-05-20T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 8 (Moderate) (RHSA-2021:2048)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2021-21290", "CVE-2021-21295"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes", "p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2", "p-cpe:/a:redhat:enterprise_linux:eap7-yasson"], "id": "REDHAT-RHSA-2021-2048.NASL", "href": "https://www.tenable.com/plugins/nessus/149811", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2048. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149811);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2020-13936\", \"CVE-2021-21290\", \"CVE-2021-21295\");\n script_xref(name:\"RHSA\", value:\"2021:2048\");\n\n script_name(english:\"RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 8 (Moderate) (RHSA-2021:2048)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2048 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/77.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1927028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937440\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 94, 200, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-yasson\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el8': [\n 'jb-eap-7.3-for-rhel-8-x86_64-debug-rpms',\n 'jb-eap-7.3-for-rhel-8-x86_64-rpms',\n 'jb-eap-7.3-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-artemis-wildfly-integration-1.0.4-1.redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-bouncycastle-1.68.0-2.redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-bouncycastle-mail-1.68.0-2.redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-bouncycastle-pkix-1.68.0-2.redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-bouncycastle-prov-1.68.0-2.redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hal-console-3.2.14-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-cachestore-jdbc-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-cachestore-remote-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-client-hotrod-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-commons-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-core-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-hibernate-cache-commons-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-hibernate-cache-spi-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-infinispan-hibernate-cache-v53-9.4.22-3.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-common-api-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-common-impl-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-common-spi-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-core-api-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-core-impl-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-deployers-common-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-jdbc-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-ironjacamar-validator-1.4.30-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-genericjms-2.0.9-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-marshalling-2.0.11-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-marshalling-river-2.0.11-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-6.Final_redhat_00007.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-weld-3.1-api-3.1.0-6.SP3_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-api-3.1.0-6.SP3_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-spi-3.1.0-6.SP3_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jgroups-kubernetes-1.0.16-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-mod_cluster-1.4.3-2.Final_redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-netty-4.1.60-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-netty-all-4.1.60-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-atom-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-cdi-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-client-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-crypto-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jaxrs-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jsapi-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-rxjava2-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-spring-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.4-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-undertow-2.0.35-1.SP1_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-velocity-2.3.0-1.redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-velocity-engine-core-2.3.0-1.redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-core-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-core-impl-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-core-jsf-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-ejb-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-jta-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-probe-core-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-weld-web-3.1.6-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-7.3.7-1.GA_redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-elytron-1.10.12-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.12-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-client-common-1.0.26-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.26-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.26-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.26-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-javadocs-7.3.7-1.GA_redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-modules-7.3.7-1.GA_redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-xalan-j2-2.7.1-36.redhat_00013.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-yasson-1.0.9-1.redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-artemis-wildfly-integration / eap7-bouncycastle / etc');\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T15:01:41", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2046 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-05-20T00:00:00", "type": "nessus", "title": "RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 6 (Moderate) (RHSA-2021:2046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2021-21290", "CVE-2021-21295"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes", "p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2", "p-cpe:/a:redhat:enterprise_linux:eap7-yasson"], "id": "REDHAT-RHSA-2021-2046.NASL", "href": "https://www.tenable.com/plugins/nessus/149813", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2046. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149813);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2020-13936\", \"CVE-2021-21290\", \"CVE-2021-21295\");\n script_xref(name:\"RHSA\", value:\"2021:2046\");\n\n script_name(english:\"RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 6 (Moderate) (RHSA-2021:2046)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2046 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: Information disclosure via the local system temporary directory (CVE-2021-21290)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/77.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1927028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937440\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 94, 200, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-yasson\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el6': [\n 'jb-eap-7.3-for-rhel-6-server-debug-rpms',\n 'jb-eap-7.3-for-rhel-6-server-rpms',\n 'jb-eap-7.3-for-rhel-6-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-artemis-wildfly-integration-1.0.4-1.redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-bouncycastle-1.68.0-2.redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-bouncycastle-mail-1.68.0-2.redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-bouncycastle-pkix-1.68.0-2.redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-bouncycastle-prov-1.68.0-2.redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hal-console-3.2.14-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-cachestore-jdbc-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-cachestore-remote-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-client-hotrod-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-commons-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-core-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-hibernate-cache-commons-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-hibernate-cache-spi-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-infinispan-hibernate-cache-v53-9.4.22-3.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-common-api-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-common-impl-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-common-spi-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-core-api-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-core-impl-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-deployers-common-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-jdbc-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-ironjacamar-validator-1.4.30-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-genericjms-2.0.9-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-marshalling-2.0.11-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-marshalling-river-2.0.11-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-6.Final_redhat_00007.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-weld-3.1-api-3.1.0-6.SP3_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-api-3.1.0-6.SP3_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-weld-3.1-api-weld-spi-3.1.0-6.SP3_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jgroups-kubernetes-1.0.16-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-mod_cluster-1.4.3-2.Final_redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-netty-4.1.60-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-netty-all-4.1.60-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-atom-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-cdi-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-client-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-crypto-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jaxrs-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jsapi-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-rxjava2-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-spring-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.4-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-undertow-2.0.35-1.SP1_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-velocity-2.3.0-1.redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-velocity-engine-core-2.3.0-1.redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-core-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-core-impl-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-core-jsf-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-ejb-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-jta-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-probe-core-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-weld-web-3.1.6-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-7.3.7-1.GA_redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-elytron-1.10.12-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.12-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-client-common-1.0.26-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.26-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.26-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.26-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-javadocs-7.3.7-1.GA_redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-modules-7.3.7-1.GA_redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-xalan-j2-2.7.1-36.redhat_00013.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-yasson-1.0.9-1.redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-artemis-wildfly-integration / eap7-bouncycastle / etc');\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-07-22T16:38:29", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1169 advisory.\n\n - nodejs-bootstrap-select: not escaping title values on may lead to XSS (CVE-2019-20921)\n\n - m2crypto: bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657)\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\n - nodejs-immer: prototype pollution may lead to DoS or remote code execution (CVE-2020-28477)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2021-04-15T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement (Moderate) (RHSA-2021:1169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-20921", "CVE-2020-25657", "CVE-2020-28458", "CVE-2020-28477"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm"], "id": "REDHAT-RHSA-2021-1169.NASL", "href": "https://www.tenable.com/plugins/nessus/148572", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1169. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148572);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\n \"CVE-2019-20921\",\n \"CVE-2020-25657\",\n \"CVE-2020-28458\",\n \"CVE-2020-28477\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1169\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement (Moderate) (RHSA-2021:1169)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1169 advisory.\n\n - nodejs-bootstrap-select: not escaping title values on may lead to XSS (CVE-2019-20921)\n\n - m2crypto: bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657)\n\n - datatables.net: prototype pollution if 'constructor' were used in a data property name (CVE-2020-28458)\n\n - nodejs-immer: prototype pollution may lead to DoS or remote code execution (CVE-2020-28477)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/203.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/915.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25657\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1882273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1908441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1918162\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-28458\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 203, 400, 915);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhev_manager_4_4_el8': [\n 'rhv-4.4-manager-for-rhel-8-x86_64-debug-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'ovirt-engine-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-backend-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-dbscripts-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-health-check-bundler-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-restapi-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-base-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-tools-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-tools-backup-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-webadmin-portal-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-websocket-proxy-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-web-ui-1.6.7-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'python3-ovirt-engine-lib-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'rhvm-4.4.5.9-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:12:17", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x prior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-04-22T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier (Apr 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-17521"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/148918", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148918);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13956\",\n \"CVE-2020-17521\"\n );\n\n script_name(english:\"Oracle Primavera Unifier (Apr 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is\n16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x\nprior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI\n (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks require human interaction from a person other than the attacker\n and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some\n of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier\n accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP\n Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or\n delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform\n (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where\n Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can\n result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuapr2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nget_install_count(app_name:'Oracle Primavera Unifier', exit_if_zero:TRUE);\n\nvar port = get_http_port(default:8002);\nget_kb_item_or_exit('www/weblogic/' + port + '/installed');\n\nvar app_info = vcf::get_app_info(app:'Oracle Primavera Unifier', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'min_version' : '16.1', 'fixed_version' : '16.2.16.5' },\n { 'min_version' : '17.7', 'fixed_version' : '17.12.11.7' },\n { 'min_version' : '18.8', 'fixed_version' : '18.8.18.4' },\n { 'min_version' : '19.12', 'fixed_version' : '19.12.14' },\n { 'min_version' : '20.12', 'fixed_version' : '20.12.4' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-18T20:47:56", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0248 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain- controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2021-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0248)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956", "CVE-2020-25633", "CVE-2020-25640", "CVE-2020-25689", "CVE-2020-27782", "CVE-2020-27822"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"], "id": "REDHAT-RHSA-2021-0248.NASL", "href": "https://www.tenable.com/plugins/nessus/145407", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0248. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145407);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2020-13956\",\n \"CVE-2020-25633\",\n \"CVE-2020-25640\",\n \"CVE-2020-25689\",\n \"CVE-2020-27782\",\n \"CVE-2020-27822\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0248\");\n\n script_name(english:\"RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0248)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0248 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's\n WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error\n (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-\n controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/209.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/401.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/532.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0248\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1893070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1904060\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25633\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-25640\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 209, 400, 401, 532);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el8': [\n 'jb-eap-7.3-for-rhel-8-x86_64-debug-rpms',\n 'jb-eap-7.3-for-rhel-8-x86_64-rpms',\n 'jb-eap-7.3-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-activemq-artemis-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-cli-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-commons-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-core-client-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-dto-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-hornetq-protocol-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-hqclient-protocol-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-jdbc-store-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-jms-client-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-jms-server-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-journal-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-ra-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-selector-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-server-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-service-extensions-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-activemq-artemis-tools-2.9.0-7.redhat_00017.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-glassfish-jsf-2.3.9-12.SP13_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hal-console-3.2.12-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hibernate-5.3.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hibernate-core-5.3.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hibernate-entitymanager-5.3.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hibernate-envers-5.3.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-hibernate-java8-5.3.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-httpcomponents-client-4.5.13-1.redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-ejb-client-4.0.37-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-genericjms-2.0.8-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-modules-1.11.0-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-remoting-5.0.20-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-4.Final_redhat_00005.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-jboss-xnio-base-3.7.12-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-compensations-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-jbosstxbridge-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-jbossxts-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-jts-idlj-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-jts-integration-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-restat-api-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-restat-bridge-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-restat-integration-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-restat-util-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-narayana-txframework-5.9.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-opentracing-interceptors-0.0.4.1-2.redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-atom-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-cdi-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-client-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-crypto-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jaxrs-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-jsapi-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-rxjava2-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-spring-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.3-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-undertow-2.0.33-1.SP2_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-7.3.5-2.GA_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-discovery-client-1.2.1-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-elytron-1.10.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.10-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-client-common-1.0.24-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.24-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.24-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.24-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-javadocs-7.3.5-2.GA_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']},\n {'reference':'eap7-wildfly-modules-7.3.5-2.GA_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-activemq-artemis / eap7-activemq-artemis-cli / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-18T20:47:54", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0247 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain- controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2021-01-25T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0247)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956", "CVE-2020-25633", "CVE-2020-25640", "CVE-2020-25689", "CVE-2020-27782", "CVE-2020-27822"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"], "id": "REDHAT-RHSA-2021-0247.NASL", "href": "https://www.tenable.com/plugins/nessus/145405", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0247. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145405);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2020-13956\",\n \"CVE-2020-25633\",\n \"CVE-2020-25640\",\n \"CVE-2020-25689\",\n \"CVE-2020-27782\",\n \"CVE-2020-27822\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0247\");\n\n script_name(english:\"RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0247)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0247 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's\n WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error\n (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-\n controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/209.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/401.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/532.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0247\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1893070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1904060\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25633\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-25640\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 209, 400, 401, 532);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el7': [\n 'jb-eap-7.3-for-rhel-7-server-debug-rpms',\n 'jb-eap-7.3-for-rhel-7-server-rpms',\n 'jb-eap-7.3-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-activemq-artemis-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-cli-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-commons-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-core-client-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-dto-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-hornetq-protocol-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-hqclient-protocol-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-jdbc-store-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-jms-client-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-jms-server-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-journal-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-ra-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-selector-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-server-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-service-extensions-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-activemq-artemis-tools-2.9.0-7.redhat_00017.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-glassfish-jsf-2.3.9-12.SP13_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hal-console-3.2.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hibernate-5.3.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hibernate-core-5.3.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hibernate-entitymanager-5.3.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hibernate-envers-5.3.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-hibernate-java8-5.3.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-httpcomponents-client-4.5.13-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-ejb-client-4.0.37-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-genericjms-2.0.8-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-modules-1.11.0-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-remoting-5.0.20-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-4.Final_redhat_00005.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-jboss-xnio-base-3.7.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-compensations-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-jbosstxbridge-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-jbossxts-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-jts-idlj-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-jts-integration-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-restat-api-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-restat-bridge-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-restat-integration-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-restat-util-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-narayana-txframework-5.9.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-opentracing-interceptors-0.0.4.1-2.redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-atom-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-cdi-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-client-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-crypto-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jaxrs-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-jsapi-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-rxjava2-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-spring-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.3-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-undertow-2.0.33-1.SP2_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-7.3.5-2.GA_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-discovery-client-1.2.1-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-elytron-1.10.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.10-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-client-common-1.0.24-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.24-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.24-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.24-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-java-jdk11-7.3.5-2.GA_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-java-jdk8-7.3.5-2.GA_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-javadocs-7.3.5-2.GA_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']},\n {'reference':'eap7-wildfly-modules-7.3.5-2.GA_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-activemq-artemis / eap7-activemq-artemis-cli / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-18T20:49:05", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0246 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain- controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2021-01-25T00:00:00", "type": "nessus", "title": "RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956", "CVE-2020-25633", "CVE-2020-25640", "CVE-2020-25689", "CVE-2020-27782", "CVE-2020-27822"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"], "id": "REDHAT-RHSA-2021-0246.NASL", "href": "https://www.tenable.com/plugins/nessus/145408", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0246. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145408);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2020-13956\",\n \"CVE-2020-25633\",\n \"CVE-2020-25640\",\n \"CVE-2020-25689\",\n \"CVE-2020-27782\",\n \"CVE-2020-27822\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0246\");\n\n script_name(english:\"RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0246)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0246 advisory.\n\n - apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's\n WebApplicationException handling (CVE-2020-25633)\n\n - wildfly: resource adapter logs plaintext JMS password at warning level on connection error\n (CVE-2020-25640)\n\n - wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-\n controller (CVE-2020-25689)\n\n - undertow: special character in query results in server errors (CVE-2020-27782)\n\n - wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/209.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/401.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/532.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0246\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1886587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1893070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1904060\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25633\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-25640\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 209, 400, 401, 532);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-opentracing-interceptors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-discovery-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_3_el6': [\n 'jb-eap-7.3-for-rhel-6-server-debug-rpms',\n 'jb-eap-7.3-for-rhel-6-server-rpms',\n 'jb-eap-7.3-for-rhel-6-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-activemq-artemis-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-cli-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-commons-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-core-client-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-dto-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-hornetq-protocol-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-hqclient-protocol-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-jdbc-store-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-jms-client-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-jms-server-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-journal-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-ra-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-selector-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-server-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-service-extensions-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-activemq-artemis-tools-2.9.0-7.redhat_00017.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-glassfish-jsf-2.3.9-12.SP13_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hal-console-3.2.12-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hibernate-5.3.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hibernate-core-5.3.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hibernate-entitymanager-5.3.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hibernate-envers-5.3.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-hibernate-java8-5.3.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-httpcomponents-client-4.5.13-1.redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-ejb-client-4.0.37-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-genericjms-2.0.8-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-modules-1.11.0-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-remoting-5.0.20-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-cli-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-core-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap6.4-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.0-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.1-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.2-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-eap7.3-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly10.0-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly10.1-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly11.0-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly12.0-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly13.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly14.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly15.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly16.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly17.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly18.0-server-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly8.2-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-server-migration-wildfly9.0-1.7.2-4.Final_redhat_00005.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-jboss-xnio-base-3.7.12-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-compensations-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-jbosstxbridge-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-jbossxts-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-jts-idlj-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-jts-integration-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-restat-api-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-restat-bridge-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-restat-integration-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-restat-util-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-narayana-txframework-5.9.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-opentracing-interceptors-0.0.4.1-2.redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-atom-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-cdi-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-client-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-client-microprofile-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-crypto-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jackson-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jackson2-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jaxb-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jaxrs-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jettison-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jose-jwt-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-jsapi-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-json-binding-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-json-p-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-multipart-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-rxjava2-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-spring-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-validator-provider-11-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-resteasy-yaml-provider-3.11.3-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-undertow-2.0.33-1.SP2_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-7.3.5-2.GA_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-discovery-client-1.2.1-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-elytron-1.10.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-elytron-tool-1.10.10-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-client-common-1.0.24-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-ejb-client-1.0.24-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-naming-client-1.0.24-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-http-transaction-client-1.0.24-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-javadocs-7.3.5-2.GA_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']},\n {'reference':'eap7-wildfly-modules-7.3.5-2.GA_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_3_el6']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-activemq-artemis / eap7-activemq-artemis-cli / etc');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-15T18:09:33", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3656 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\n - netty: Request smuggling via content-length header (CVE-2021-21409)\n\n - jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n - apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n - wildfly: XSS via admin console when creating roles in domain mode (CVE-2021-3536)\n\n - undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n - wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n - wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\n - undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 7 (Important) (RHSA-2021:3656)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3536", "CVE-2021-3597", "CVE-2021-3642", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-10-04T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-io", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-component-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jakarta-el", "p-cpe:/a:redhat:enterprise_linux:eap7-jberet", "p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2", "p-cpe:/a:redhat:enterprise_linux:eap7-yasson"], "id": "REDHAT-RHSA-2021-3656.NASL", "href": "https://www.tenable.com/plugins/nessus/153835", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3656. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153835);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/04\");\n\n script_cve_id(\n \"CVE-2020-13936\",\n \"CVE-2021-3536\",\n \"CVE-2021-3597\",\n \"CVE-2021-3642\",\n \"CVE-2021-3644\",\n \"CVE-2021-3690\",\n \"CVE-2021-21295\",\n \"CVE-2021-21409\",\n \"CVE-2021-28170\",\n \"CVE-2021-29425\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3656\");\n script_xref(name:\"IAVA\", value:\"2021-A-0392\");\n script_xref(name:\"IAVA\", value:\"2021-A-0347\");\n\n script_name(english:\"RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 7 (Important) (RHSA-2021:3656)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3656 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\n - netty: Request smuggling via content-length header (CVE-2021-21409)\n\n - jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n - apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n - wildfly: XSS via admin console when creating roles in domain mode (CVE-2021-3536)\n\n - undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS\n (CVE-2021-3597)\n\n - wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n - wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\n - undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/77.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/203.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/362.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28170\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29425\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1948001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1948752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1965497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1970930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1976052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1981407\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1991299\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 22, 77, 79, 94, 200, 203, 362, 400, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-component-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jakarta-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jberet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-yasson\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'jboss_enterprise_application_platform_7_4_el7': [\n 'jb-eap-7.4-for-rhel-7-server-debug-rpms',\n 'jb-eap-7.4-for-rhel-7-server-rpms',\n 'jb-eap-7.4-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'eap7-apache-commons-io-2.10.0-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-artemis-wildfly-integration-1.0.4-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hal-console-3.3.7-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hibernate-5.3.21-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hibernate-core-5.3.21-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hibernate-entitymanager-5.3.21-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hibernate-envers-5.3.21-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-hibernate-java8-5.3.21-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-cachestore-jdbc-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-cachestore-remote-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-client-hotrod-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-commons-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-component-annotations-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-core-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-commons-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-spi-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-infinispan-hibernate-cache-v53-11.0.12-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-common-api-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-common-impl-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-common-spi-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-core-api-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-core-impl-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-deployers-common-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-jdbc-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-ironjacamar-validator-1.4.35-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jakarta-el-3.0.3-2.redhat_00006.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jberet-1.3.9-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jberet-core-1.3.9-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jboss-remoting-5.0.23-2.SP1_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jboss-server-migration-1.10.0-8.Final_redhat_00009.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jboss-server-migration-cli-1.10.0-8.Final_redhat_00009.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jboss-server-migration-core-1.10.0-8.Final_redhat_00009.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-jgroups-kubernetes-1.0.16-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-netty-4.1.63-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-netty-all-4.1.63-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-picketbox-5.0.3-9.Final_redhat_00008.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-picketbox-infinispan-5.0.3-9.Final_redhat_00008.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-undertow-2.2.9-2.SP1_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-undertow-server-1.9.1-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-velocity-2.3.0-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-velocity-engine-core-2.3.0-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-7.4.1-2.GA_redhat_00003.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-elytron-1.15.5-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-elytron-tool-1.15.5-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-http-client-common-1.1.8-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-http-ejb-client-1.1.8-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-http-naming-client-1.1.8-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-http-transaction-client-1.1.8-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-java-jdk11-7.4.1-2.GA_redhat_00003.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-java-jdk8-7.4.1-2.GA_redhat_00003.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-javadocs-7.4.1-2.GA_redhat_00003.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-modules-7.4.1-2.GA_redhat_00003.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-wildfly-transaction-client-1.1.14-2.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-xalan-j2-2.7.1-36.redhat_00013.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']},\n {'reference':'eap7-yasson-1.0.9-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss', 'repo_list':['jboss_enterprise_application_platform_7_4_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-apache-commons-io / eap7-artemis-wildfly-integration / etc');\n}\n", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:08", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3658 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\n - netty: Request smuggling via content-length header (CVE-2021-21409)\n\n - jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n - apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n - wildfly: XSS via admin console when creating roles in domain mode (CVE-2021-3536)\n\n - undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n - wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n - wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\n - undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 8 (Important) (RHSA-2021:3658)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13936", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3536", "CVE-2021-3597", "CVE-2021-3642", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-10-04T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-apache-commons-io", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-wildfly-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-component-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jakarta-el", "p-cpe:/a:redhat:enterprise_linux:eap7-jberet", "p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity", "p-cpe:/a:redhat:enterprise_linux:eap7-velocity-engine-core", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "p-cpe:/a:redhat:enterprise_linux:eap7-xalan-j2", "p-cpe:/a:redhat:enterprise_linux:eap7-yasson"], "id": "REDHAT-RHSA-2021-3658.NASL", "href": "https://www.tenable.com/plugins/nessus/153832", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3658. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153832);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/04\");\n\n script_cve_id(\n \"CVE-2020-13936\",\n \"CVE-2021-3536\",\n \"CVE-2021-3597\",\n \"CVE-2021-3642\",\n \"CVE-2021-3644\",\n \"CVE-2021-3690\",\n \"CVE-2021-21295\",\n \"CVE-2021-21409\",\n \"CVE-2021-28170\",\n \"CVE-2021-29425\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3658\");\n script_xref(name:\"IAVA\", value:\"2021-A-0392\");\n script_xref(name:\"IAVA\", value:\"2021-A-0347\");\n\n script_name(english:\"RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 8 (Important) (RHSA-2021:3658)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3658 advisory.\n\n - velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936)\n\n - netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)\n\n - netty: Request smuggling via content-length header (CVE-2021-21409)\n\n - jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n - apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n - wildfly: XSS via admin console when creating roles in domain mode (CVE-2021-3536)\n\n - undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS\n (CVE-2021-3597)\n\n - wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n - wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\n - undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/77.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/203.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/362.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28170\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29425\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1937440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1948001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1948752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1965497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1970930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1976052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1981407\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1991299\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C