{"id":"RHSA-2020:4847","summary":"Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update","modified":"2026-04-02T10:01:29Z","published":"2024-10-21T23:23:45Z","upstream":["CVE-2015-9251","CVE-2016-10735","CVE-2018-14040","CVE-2018-14042","CVE-2019-10146","CVE-2019-10179","CVE-2019-10221","CVE-2019-11358","CVE-2019-8331","CVE-2020-11022","CVE-2020-11023","CVE-2020-15720","CVE-2020-1721","CVE-2020-1935","CVE-2020-1938","CVE-2020-25715","CVE-2022-25762"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1376706"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1399546"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406505"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601614"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601617"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666907"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668097"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1686454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1706521"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1710171"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1721684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724433"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732565"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732981"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1777579"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1805541"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1817247"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821851"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1822246"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1824939"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1824948"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825998"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842736"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843537"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845447"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854959"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855273"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855319"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856368"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857933"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861911"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869893"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871064"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873235"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-9251"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-9251"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-9251"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-10735"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-10735"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10735"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14040"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14040"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14040"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14042"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14042"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14042"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-8331"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-8331"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8331"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10146"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10146"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10146"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10179"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10179"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10179"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10221"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10221"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10221"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11358"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11358"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358"},{"type":"ARTICLE","url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"},{"type":"ARTICLE","url":"https://www.drupal.org/sa-core-2019-006"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-1721"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-1721"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1721"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-1935"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1806835"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-1935"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1935"},{"type":"ARTICLE","url":"https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"},{"type":"ARTICLE","url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"},{"type":"ARTICLE","url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-1938"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1806398"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-1938"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1938"},{"type":"ARTICLE","url":"https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"},{"type":"ARTICLE","url":"https://www.cnvd.org.cn/webinfo/show/5415"},{"type":"ARTICLE","url":"https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11022"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11022"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11023"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"type":"ARTICLE","url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-15720"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-15720"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15720"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-25715"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891016"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-25715"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25715"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-25762"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2085304"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-25762"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25762"},{"type":"ARTICLE","url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76"}],"affected":[{"package":{"name":"apache-commons-collections","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-collections"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.2-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"apache-commons-lang","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-lang"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6-21.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"apache-commons-net","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-net"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.6-3.module+el8.3.0+6805+72837426"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"bea-stax","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/bea-stax"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.0-16.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"bea-stax-api","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/bea-stax-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.0-16.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-fastinfoset","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-fastinfoset"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.13-9.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-jaxb","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-jaxb-api","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.12-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-jaxb-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-jaxb-runtime","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-runtime"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"glassfish-jaxb-txw2","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-txw2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-annotations","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-databind","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-databind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-jaxrs-json-provider","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-jaxrs-json-provider"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.9.9-1.module+el8.1.0+3832+9784644d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-jaxrs-providers","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-jaxrs-providers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.9.9-1.module+el8.1.0+3832+9784644d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jackson-module-jaxb-annotations","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jackson-module-jaxb-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.6-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jakarta-commons-httpclient","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jakarta-commons-httpclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.1-28.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"javassist","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/javassist"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18.1-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"javassist-javadoc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/javassist-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18.1-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jss","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.7.3-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jss-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jss-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.7.3-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jss-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jss-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.7.3-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"jss-javadoc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jss-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.7.3-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"ldapjdk","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ldapjdk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.22.0-1.module+el8.3.0+6784+6e1e4c62"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"ldapjdk-javadoc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ldapjdk-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.22.0-1.module+el8.3.0+6784+6e1e4c62"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-base","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-base-java","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-base-java"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-ca","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-ca"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-core-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-core-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-core-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-core-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-kra","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-kra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-server","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-servlet-4.0-api","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-servlet-4.0-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.30-1.module+el8.3.0+6730+8f9c6254"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-servlet-engine","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-servlet-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.30-1.module+el8.3.0+6730+8f9c6254"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-symkey","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-symkey"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-symkey-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-symkey-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-tools","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"pki-tools-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pki-tools-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python-nss","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python-nss-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-nss-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python-nss-doc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-nss-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python3-nss","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python3-nss-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-nss-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"python3-pki","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-pki"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.9.4-1.module+el8.3.0+8058+d5cd4219"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"relaxngDatatype","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/relaxngDatatype"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2011.1-7.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"resteasy","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/resteasy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.26-3.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"slf4j","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.25-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"slf4j-jdk14","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slf4j-jdk14"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.25-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"stax-ex","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/stax-ex"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.7-8.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"tomcatjss","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/tomcatjss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.5.0-1.module+el8.3.0+7355+c59bcbd9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"velocity","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/velocity"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7-24.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xalan-j2","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xalan-j2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.1-38.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xerces-j2","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xerces-j2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.11.0-34.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xml-commons-apis","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xml-commons-apis"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.01-25.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xml-commons-resolver","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xml-commons-resolver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2-26.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xmlstreambuffer","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xmlstreambuffer"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.4-8.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}},{"package":{"name":"xsom","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/xsom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4847.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"}]}