Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jboss-as-host-controller@7.5.0-8.Final_redhat_21.1.ep6?arch=el5
Typerpm
Namespaceredhat
Namejboss-as-host-controller
Version7.5.0-8.Final_redhat_21.1.ep6
Qualifiers
arch el5
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-11ay-rahr-13az
vulnerability_id VCID-11ay-rahr-13az
summary PicketLink: Lack of validation for the Destination attribute in a Response element in a SAML assertion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6254.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6254.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6254
reference_id
reference_type
scores
0
value 0.00697
scoring_system epss
scoring_elements 0.71894
published_at 2026-04-01T12:55:00Z
1
value 0.00697
scoring_system epss
scoring_elements 0.71902
published_at 2026-04-02T12:55:00Z
2
value 0.00697
scoring_system epss
scoring_elements 0.7192
published_at 2026-04-04T12:55:00Z
3
value 0.00697
scoring_system epss
scoring_elements 0.71892
published_at 2026-04-07T12:55:00Z
4
value 0.00697
scoring_system epss
scoring_elements 0.71931
published_at 2026-04-13T12:55:00Z
5
value 0.00697
scoring_system epss
scoring_elements 0.71942
published_at 2026-04-09T12:55:00Z
6
value 0.00697
scoring_system epss
scoring_elements 0.71966
published_at 2026-04-11T12:55:00Z
7
value 0.00697
scoring_system epss
scoring_elements 0.71949
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6254
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1974359
reference_id 1974359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1974359
3
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
4
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
5
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
6
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
fixed_packages
aliases CVE-2015-6254
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-11ay-rahr-13az
1
url VCID-2n2t-jyg7-gbev
vulnerability_id VCID-2n2t-jyg7-gbev
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8111.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8111.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8111
reference_id
reference_type
scores
0
value 0.03739
scoring_system epss
scoring_elements 0.88011
published_at 2026-04-13T12:55:00Z
1
value 0.03739
scoring_system epss
scoring_elements 0.87951
published_at 2026-04-01T12:55:00Z
2
value 0.03739
scoring_system epss
scoring_elements 0.87962
published_at 2026-04-02T12:55:00Z
3
value 0.03739
scoring_system epss
scoring_elements 0.87976
published_at 2026-04-04T12:55:00Z
4
value 0.03739
scoring_system epss
scoring_elements 0.87979
published_at 2026-04-07T12:55:00Z
5
value 0.03739
scoring_system epss
scoring_elements 0.88
published_at 2026-04-08T12:55:00Z
6
value 0.03739
scoring_system epss
scoring_elements 0.88007
published_at 2026-04-09T12:55:00Z
7
value 0.03739
scoring_system epss
scoring_elements 0.88017
published_at 2026-04-11T12:55:00Z
8
value 0.03739
scoring_system epss
scoring_elements 0.8801
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8111
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8111
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8111
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1182591
reference_id 1182591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1182591
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783233
reference_id 783233
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783233
6
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
7
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
8
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
9
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
10
reference_url https://access.redhat.com/errata/RHSA-2015:1641
reference_id RHSA-2015:1641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1641
11
reference_url https://access.redhat.com/errata/RHSA-2015:1642
reference_id RHSA-2015:1642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1642
fixed_packages
aliases CVE-2014-8111
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2t-jyg7-gbev
2
url VCID-2qzz-yezu-r3gc
vulnerability_id VCID-2qzz-yezu-r3gc
summary CLI: Insecure default permissions on history file
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3586.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3586.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3586
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23504
published_at 2026-04-01T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23665
published_at 2026-04-02T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23707
published_at 2026-04-04T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23487
published_at 2026-04-07T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23557
published_at 2026-04-08T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23603
published_at 2026-04-09T12:55:00Z
6
value 0.0008
scoring_system epss
scoring_elements 0.23619
published_at 2026-04-11T12:55:00Z
7
value 0.0008
scoring_system epss
scoring_elements 0.23578
published_at 2026-04-12T12:55:00Z
8
value 0.0008
scoring_system epss
scoring_elements 0.23521
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3586
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1126687
reference_id 1126687
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1126687
3
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
4
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
5
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
6
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
7
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
fixed_packages
aliases CVE-2014-3586
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2qzz-yezu-r3gc
3
url VCID-6cjx-y4ey-e3b6
vulnerability_id VCID-6cjx-y4ey-e3b6
summary 
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1376
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1376
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
reference_id
reference_type
scores
0
value 0.0521
scoring_system epss
scoring_elements 0.89939
published_at 2026-04-13T12:55:00Z
1
value 0.0521
scoring_system epss
scoring_elements 0.89896
published_at 2026-04-01T12:55:00Z
2
value 0.0521
scoring_system epss
scoring_elements 0.89899
published_at 2026-04-02T12:55:00Z
3
value 0.0521
scoring_system epss
scoring_elements 0.89912
published_at 2026-04-04T12:55:00Z
4
value 0.0521
scoring_system epss
scoring_elements 0.89917
published_at 2026-04-07T12:55:00Z
5
value 0.0521
scoring_system epss
scoring_elements 0.89934
published_at 2026-04-08T12:55:00Z
6
value 0.0521
scoring_system epss
scoring_elements 0.8994
published_at 2026-04-09T12:55:00Z
7
value 0.0521
scoring_system epss
scoring_elements 0.89948
published_at 2026-04-11T12:55:00Z
8
value 0.0521
scoring_system epss
scoring_elements 0.89946
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
10
reference_url https://github.com/apache/ws-wss4j
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j
11
reference_url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
12
reference_url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
13
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
14
reference_url https://svn.apache.org/viewvc?view=revision&revision=1621329
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1621329
15
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
16
reference_url http://www.securityfocus.com/bid/72553
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72553
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
reference_id 1191446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
reference_id CVE-2015-0226
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
25
reference_url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
reference_id CVE-2015-0226.TXT.ASC
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
26
reference_url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
reference_id GHSA-vjwc-5hfh-2vv5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
27
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
28
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
29
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
30
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
31
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
32
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
33
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
34
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
aliases CVE-2015-0226, GHSA-vjwc-5hfh-2vv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cjx-y4ey-e3b6
4
url VCID-cnmd-pk6j-fuae
vulnerability_id VCID-cnmd-pk6j-fuae
summary Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0773.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
reference_id
reference_type
scores
0
value 0.13872
scoring_system epss
scoring_elements 0.94301
published_at 2026-04-13T12:55:00Z
1
value 0.13872
scoring_system epss
scoring_elements 0.94269
published_at 2026-04-02T12:55:00Z
2
value 0.13872
scoring_system epss
scoring_elements 0.9428
published_at 2026-04-04T12:55:00Z
3
value 0.13872
scoring_system epss
scoring_elements 0.94282
published_at 2026-04-07T12:55:00Z
4
value 0.13872
scoring_system epss
scoring_elements 0.94291
published_at 2026-04-08T12:55:00Z
5
value 0.13872
scoring_system epss
scoring_elements 0.94295
published_at 2026-04-09T12:55:00Z
6
value 0.13872
scoring_system epss
scoring_elements 0.94299
published_at 2026-04-12T12:55:00Z
7
value 0.13872
scoring_system epss
scoring_elements 0.9426
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
11
reference_url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
reference_id
reference_type
scores
url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
13
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
reference_id 1191451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
reference_id CVE-2015-0227
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
17
reference_url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
reference_id CVE-2015-0227.TXT.ASC
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
18
reference_url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
reference_id GHSA-6r5v-hp32-fjqw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
19
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
20
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
21
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
22
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
23
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
24
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
25
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
26
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
aliases CVE-2015-0227, GHSA-6r5v-hp32-fjqw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cnmd-pk6j-fuae
5
url VCID-khnh-k119-c7es
vulnerability_id VCID-khnh-k119-c7es
summary PicketLink: SP does not take Audience condition of a SAML assertion into account
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0277.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0277.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0277
reference_id
reference_type
scores
0
value 0.00532
scoring_system epss
scoring_elements 0.67243
published_at 2026-04-01T12:55:00Z
1
value 0.00532
scoring_system epss
scoring_elements 0.67279
published_at 2026-04-02T12:55:00Z
2
value 0.00532
scoring_system epss
scoring_elements 0.67303
published_at 2026-04-04T12:55:00Z
3
value 0.00532
scoring_system epss
scoring_elements 0.6728
published_at 2026-04-07T12:55:00Z
4
value 0.00532
scoring_system epss
scoring_elements 0.67331
published_at 2026-04-08T12:55:00Z
5
value 0.00532
scoring_system epss
scoring_elements 0.67345
published_at 2026-04-09T12:55:00Z
6
value 0.00532
scoring_system epss
scoring_elements 0.67365
published_at 2026-04-11T12:55:00Z
7
value 0.00532
scoring_system epss
scoring_elements 0.67353
published_at 2026-04-12T12:55:00Z
8
value 0.00532
scoring_system epss
scoring_elements 0.67318
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0277
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1194832
reference_id 1194832
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1194832
3
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
4
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
5
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
6
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
fixed_packages
aliases CVE-2015-0277
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khnh-k119-c7es
6
url VCID-q5jj-g31c-afgz
vulnerability_id VCID-q5jj-g31c-afgz
summary mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0298.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0298.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0298
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55126
published_at 2026-04-01T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55227
published_at 2026-04-02T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55251
published_at 2026-04-13T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55229
published_at 2026-04-07T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55278
published_at 2026-04-08T12:55:00Z
5
value 0.00322
scoring_system epss
scoring_elements 0.55279
published_at 2026-04-09T12:55:00Z
6
value 0.00322
scoring_system epss
scoring_elements 0.5529
published_at 2026-04-11T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.5527
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0298
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1197769
reference_id 1197769
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1197769
3
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
4
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
5
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
6
reference_url https://access.redhat.com/errata/RHSA-2015:1641
reference_id RHSA-2015:1641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1641
7
reference_url https://access.redhat.com/errata/RHSA-2015:1642
reference_id RHSA-2015:1642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1642
fixed_packages
aliases CVE-2015-0298
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q5jj-g31c-afgz
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-as-host-controller@7.5.0-8.Final_redhat_21.1.ep6%3Farch=el5