Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/129456?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/129456?format=api", "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1?arch=2", "type": "rpm", "namespace": "redhat", "name": "jboss-common", "version": "1.2.1-0jpp.ep1", "qualifiers": { "arch": "2" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4763?format=api", "vulnerability_id": "VCID-88v7-kc2y-bfd7", "summary": "Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.", "references": [ { "reference_url": "http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html" }, { "reference_url": "http://issues.apache.org/jira/browse/GERONIMO-3549", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://issues.apache.org/jira/browse/GERONIMO-3549" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "http://marc.info/?l=full-disclosure&m=119239530508382", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=full-disclosure&m=119239530508382" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90898", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.9091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90925", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5461" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200804-10.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200804-10.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37243", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37243" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c" }, { "reference_url": "https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1447" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1453", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1453" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0042.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0042.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=333791", "reference_id": "333791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=333791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461", "reference_id": "CVE-2007-5461", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl", "reference_id": "CVE-2007-5461", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461", "reference_id": "CVE-2007-5461", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461" }, { "reference_url": "https://github.com/advisories/GHSA-v5p2-vg3c-pmrr", "reference_id": "GHSA-v5p2-vg3c-pmrr", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v5p2-vg3c-pmrr" }, { "reference_url": "https://security.gentoo.org/glsa/200804-10", "reference_id": "GLSA-200804-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-10" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl", "reference_id": "OSVDB-38187;CVE-2007-5461", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0042", "reference_id": "RHSA-2008:0042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0195", "reference_id": "RHSA-2008:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5461", "GHSA-v5p2-vg3c-pmrr" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88v7-kc2y-bfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88552?format=api", "vulnerability_id": "VCID-phgm-ct5c-a3fu", "summary": "EJBQL injection via 'order' parameter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6433.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6433.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6433", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85081", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85094", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85111", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85115", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85144", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02431", "scoring_system": "epss", "scoring_elements": "0.85153", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6433" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=426206", "reference_id": "426206", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=426206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "fixed_packages": [], "aliases": [ "CVE-2007-6433" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phgm-ct5c-a3fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4768?format=api", "vulnerability_id": "VCID-t9y6-suc2-2kcg", "summary": "Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0002.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0002.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88588", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88583", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88565", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88544", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.88592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04097", "scoring_system": "epss", "scoring_elements": "0.886", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0002" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200804-10.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200804-10.xml" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "https://web.archive.org/web/20080214133036/http://secunia.com/advisories/28915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20080214133036/http://secunia.com/advisories/28915" }, { "reference_url": "https://web.archive.org/web/20080715062302/http://secunia.com/advisories/29711", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20080715062302/http://secunia.com/advisories/29711" }, { "reference_url": "https://web.archive.org/web/20080724052339/http://secunia.com/advisories/28834", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20080724052339/http://secunia.com/advisories/28834" }, { "reference_url": "https://web.archive.org/web/20081012021650/http://www.securityfocus.com/bid/27703", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20081012021650/http://www.securityfocus.com/bid/27703" }, { "reference_url": "https://web.archive.org/web/20081013050642/http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20081013050642/http://secunia.com/advisories/32222" }, { "reference_url": "https://web.archive.org/web/20081120062646/http://securityreason.com/securityalert/3638", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20081120062646/http://securityreason.com/securityalert/3638" }, { "reference_url": "https://web.archive.org/web/20081121133027/http://www.securityfocus.com/archive/1/487812/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20081121133027/http://www.securityfocus.com/archive/1/487812/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20091125140215/http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20091125140215/http://secunia.com/advisories/37460" }, { "reference_url": "https://web.archive.org/web/20120825080137/http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20120825080137/http://www.securityfocus.com/bid/31681" }, { "reference_url": "https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126" }, { "reference_url": "https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=432327", "reference_id": "432327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432327" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002", "reference_id": "CVE-2008-0002", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0002", "reference_id": "CVE-2008-0002", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0002" }, { "reference_url": "https://github.com/advisories/GHSA-5x5f-9r6q-q7mh", "reference_id": "GHSA-5x5f-9r6q-q7mh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5x5f-9r6q-q7mh" }, { "reference_url": "https://security.gentoo.org/glsa/200804-10", "reference_id": "GLSA-200804-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "fixed_packages": [], "aliases": [ "CVE-2008-0002", "GHSA-5x5f-9r6q-q7mh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9y6-suc2-2kcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88566?format=api", "vulnerability_id": "VCID-w7g5-angw-yfcp", "summary": "JFreeChart: XSS vulnerabilities in the image map feature", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6306.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6306.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84424", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84459", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84688", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84695", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84709", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84703", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6306" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=421081", "reference_id": "421081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=421081" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456148", "reference_id": "456148", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" } ], "fixed_packages": [], "aliases": [ "CVE-2007-6306" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7g5-angw-yfcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57202?format=api", "vulnerability_id": "VCID-ymqq-9gmh-6kfn", "summary": "An unspecified vulnerability has been reported in OpenOffice.org, possibly\n allowing for the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4575.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4575.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.9092", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90926", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90945", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90973", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06316", "scoring_system": "epss", "scoring_elements": "0.90972", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=299801", "reference_id": "299801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=299801" }, { "reference_url": "https://security.gentoo.org/glsa/200712-25", "reference_id": "GLSA-200712-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200712-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1048", "reference_id": "RHSA-2007:1048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1090", "reference_id": "RHSA-2007:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" }, { "reference_url": "https://usn.ubuntu.com/609-1/", "reference_id": "USN-609-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/609-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-4575" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymqq-9gmh-6kfn" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1%3Farch=2" }