Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/hornetq-native@2.3.25-4.SP11_redhat_1.ep6?arch=el7

Type rpm

Namespace redhat

Name hornetq-native

Version 2.3.25-4.SP11_redhat_1.ep6

Qualifiers

arch	el7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-k4kb-21tp-4kc8

vulnerability_id

VCID-k4kb-21tp-4kc8

summary

An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3183

reference_id

reference_type

scores

value	0.28343
scoring_system	epss
scoring_elements	0.96477
published_at	2026-04-01T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96485
published_at	2026-04-02T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96489
published_at	2026-04-04T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96494
published_at	2026-04-07T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96502
published_at	2026-04-08T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96505
published_at	2026-04-09T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96508
published_at	2026-04-12T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96511
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1243887
reference_id	1243887
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1243887

reference_url

https://httpd.apache.org/security/json/CVE-2015-3183.json

reference_id

CVE-2015-3183

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2015-3183.json

reference_url	https://security.gentoo.org/glsa/201610-02
reference_id	GLSA-201610-02
reference_type
scores
url	https://security.gentoo.org/glsa/201610-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1666
reference_id	RHSA-2015:1666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1666

reference_url	https://access.redhat.com/errata/RHSA-2015:1667
reference_id	RHSA-2015:1667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1667

reference_url	https://access.redhat.com/errata/RHSA-2015:1668
reference_id	RHSA-2015:1668
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1668

reference_url	https://access.redhat.com/errata/RHSA-2015:2661
reference_id	RHSA-2015:2661
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2661

reference_url	https://access.redhat.com/errata/RHSA-2016:0061
reference_id	RHSA-2016:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0061

reference_url	https://access.redhat.com/errata/RHSA-2016:0062
reference_id	RHSA-2016:0062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0062

reference_url	https://access.redhat.com/errata/RHSA-2016:2054
reference_id	RHSA-2016:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2054

reference_url	https://access.redhat.com/errata/RHSA-2016:2055
reference_id	RHSA-2016:2055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2055

reference_url	https://access.redhat.com/errata/RHSA-2016:2056
reference_id	RHSA-2016:2056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2056

reference_url	https://usn.ubuntu.com/2686-1/
reference_id	USN-2686-1
reference_type
scores
url	https://usn.ubuntu.com/2686-1/

fixed_packages

aliases

CVE-2015-3183

risk_score

1.6

exploitability

0.5

weighted_severity

3.3

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8

url

VCID-snj8-2smt-3kdv

vulnerability_id

VCID-snj8-2smt-3kdv

summary

mod_cluster Denial of Service vulnerability
mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1648.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1648.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1649.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1649.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1650.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1650.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2054.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-2054.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2055.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-2055.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2056.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-2056.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3110.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3110.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3110

reference_id

reference_type

scores

value	0.03218
scoring_system	epss
scoring_elements	0.87042
published_at	2026-04-13T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.8699
published_at	2026-04-01T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.87001
published_at	2026-04-02T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.8702
published_at	2026-04-04T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.87012
published_at	2026-04-07T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.87033
published_at	2026-04-08T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.8704
published_at	2026-04-09T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.87053
published_at	2026-04-11T12:55:00Z

value	0.03218
scoring_system	epss
scoring_elements	0.87048
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3110

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1326320

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1326320

reference_url

https://github.com/modcluster/mod_cluster

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/modcluster/mod_cluster

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL

reference_url

https://web.archive.org/web/20200227231527/http://www.securityfocus.com/bid/92584

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227231527/http://www.securityfocus.com/bid/92584

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3110

reference_id

CVE-2016-3110

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3110

reference_url

https://github.com/advisories/GHSA-68qq-3phh-53j7

reference_id

GHSA-68qq-3phh-53j7

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-68qq-3phh-53j7

reference_url	https://access.redhat.com/errata/RHSA-2016:1648
reference_id	RHSA-2016:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1648

reference_url	https://access.redhat.com/errata/RHSA-2016:1649
reference_id	RHSA-2016:1649
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1649

reference_url	https://access.redhat.com/errata/RHSA-2016:1650
reference_id	RHSA-2016:1650
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1650

reference_url	https://access.redhat.com/errata/RHSA-2016:2054
reference_id	RHSA-2016:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2054

reference_url	https://access.redhat.com/errata/RHSA-2016:2055
reference_id	RHSA-2016:2055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2055

reference_url	https://access.redhat.com/errata/RHSA-2016:2056
reference_id	RHSA-2016:2056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2056

fixed_packages

aliases

CVE-2016-3110, GHSA-68qq-3phh-53j7

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-snj8-2smt-3kdv

url

VCID-y2dr-h2d9-xbaa

vulnerability_id

VCID-y2dr-h2d9-xbaa

summary

mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2054.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2054.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2055.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2055.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2056.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2056.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4459.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4459.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4459

reference_id

reference_type

scores

value	0.01537
scoring_system	epss
scoring_elements	0.81284
published_at	2026-04-01T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81346
published_at	2026-04-13T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81369
published_at	2026-04-11T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81354
published_at	2026-04-12T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81293
published_at	2026-04-02T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81316
published_at	2026-04-04T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81314
published_at	2026-04-07T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81343
published_at	2026-04-08T12:55:00Z

value	0.01537
scoring_system	epss
scoring_elements	0.81348
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4459

reference_url	http://www.securityfocus.com/bid/93555
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/93555

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1341583
reference_id	1341583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1341583

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:mod_cluster:1.2.9:::::::*
reference_id	cpe:2.3:a:redhat:mod_cluster:1.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:mod_cluster:1.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4459

reference_id

CVE-2016-4459

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4459

reference_url	https://access.redhat.com/errata/RHSA-2016:2054
reference_id	RHSA-2016:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2054

reference_url	https://access.redhat.com/errata/RHSA-2016:2055
reference_id	RHSA-2016:2055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2055

reference_url	https://access.redhat.com/errata/RHSA-2016:2056
reference_id	RHSA-2016:2056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2056

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://access.redhat.com/errata/RHSA-2017:0193
reference_id	RHSA-2017:0193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0193

reference_url	https://access.redhat.com/errata/RHSA-2017:0194
reference_id	RHSA-2017:0194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0194

fixed_packages

aliases

CVE-2016-4459

risk_score

3.5

exploitability

0.5

weighted_severity

7.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-y2dr-h2d9-xbaa

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hornetq-native@2.3.25-4.SP11_redhat_1.ep6%3Farch=el7

Package Instance