Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.ws.security/wss4j@1.6.15
Typemaven
Namespaceorg.apache.ws.security
Namewss4j
Version1.6.15
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.6.17
Latest_non_vulnerable_version1.6.17
Affected_by_vulnerabilities
0
url VCID-4whf-68hm-6be4
vulnerability_id VCID-4whf-68hm-6be4
summary 
Improper security semantics enforcement of SAML SubjectConfirmation methods
This package when using `TransportBinding`, does not properly enforce the SAML `SubjectConfirmation` method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0236.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0236.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
reference_id
reference_type
scores
0
value 0.0249
scoring_system epss
scoring_elements 0.85607
published_at 2026-06-05T12:55:00Z
1
value 0.0249
scoring_system epss
scoring_elements 0.85586
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
6
reference_url http://seclists.org/oss-sec/2014/q4/437
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q4/437
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
8
reference_url https://issues.apache.org/jira/browse/WSS-511
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/WSS-511
9
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
reference_id 1157304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
16
reference_url https://bugzilla.redhat.com/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-3623
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
18
reference_url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
reference_id CVE-2014-3623.TXT.ASC
reference_type
scores
url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
19
reference_url https://github.com/advisories/GHSA-99v3-9x35-c5vf
reference_id GHSA-99v3-9x35-c5vf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99v3-9x35-c5vf
20
reference_url https://access.redhat.com/errata/RHSA-2014:2019
reference_id RHSA-2014:2019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2019
21
reference_url https://access.redhat.com/errata/RHSA-2014:2020
reference_id RHSA-2014:2020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2020
22
reference_url https://access.redhat.com/errata/RHSA-2015:0236
reference_id RHSA-2015:0236
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0236
23
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
24
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
25
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
aliases CVE-2014-3623, GHSA-99v3-9x35-c5vf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4whf-68hm-6be4
1
url VCID-axqp-xsr5-yqej
vulnerability_id VCID-axqp-xsr5-yqej
summary 
Improper Access Control in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0773.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
reference_id
reference_type
scores
0
value 0.13872
scoring_system epss
scoring_elements 0.94442
published_at 2026-06-05T12:55:00Z
1
value 0.13872
scoring_system epss
scoring_elements 0.94434
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
11
reference_url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
reference_id
reference_type
scores
url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
13
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
14
reference_url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
reference_id 1191451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
reference_id CVE-2015-0227
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
18
reference_url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
reference_id GHSA-6r5v-hp32-fjqw
reference_type
scores
url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
19
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
20
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
21
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
22
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
23
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
24
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
25
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
26
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
1
url pkg:maven/org.apache.ws.security/wss4j@2.2.0
purl pkg:maven/org.apache.ws.security/wss4j@2.2.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@2.2.0
2
url pkg:maven/org.apache.ws.security/wss4j@2.02
purl pkg:maven/org.apache.ws.security/wss4j@2.02
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@2.02
aliases CVE-2015-0227, GHSA-6r5v-hp32-fjqw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axqp-xsr5-yqej
2
url VCID-s2q7-ybj4-ubg5
vulnerability_id VCID-s2q7-ybj4-ubg5
summary 
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1376
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1376
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
reference_id
reference_type
scores
0
value 0.0521
scoring_system epss
scoring_elements 0.90123
published_at 2026-06-05T12:55:00Z
1
value 0.0521
scoring_system epss
scoring_elements 0.90107
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
10
reference_url https://github.com/apache/ws-wss4j
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j
11
reference_url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
12
reference_url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
13
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
14
reference_url https://svn.apache.org/viewvc?view=revision&revision=1621329
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1621329
15
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
reference_id 1191446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
reference_id CVE-2015-0226
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
19
reference_url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
reference_id CVE-2015-0226.TXT.ASC
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
20
reference_url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
reference_id GHSA-vjwc-5hfh-2vv5
reference_type
scores
url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
21
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
22
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
23
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
24
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
25
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
26
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
27
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
28
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
aliases CVE-2015-0226, GHSA-vjwc-5hfh-2vv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2q7-ybj4-ubg5
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.15