Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.ws.security/wss4j@1.6.17
Typemaven
Namespaceorg.apache.ws.security
Namewss4j
Version1.6.17
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6cjx-y4ey-e3b6
vulnerability_id VCID-6cjx-y4ey-e3b6
summary 
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1376
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1376
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
reference_id
reference_type
scores
0
value 0.0521
scoring_system epss
scoring_elements 0.89939
published_at 2026-04-13T12:55:00Z
1
value 0.0521
scoring_system epss
scoring_elements 0.89896
published_at 2026-04-01T12:55:00Z
2
value 0.0521
scoring_system epss
scoring_elements 0.89899
published_at 2026-04-02T12:55:00Z
3
value 0.0521
scoring_system epss
scoring_elements 0.89912
published_at 2026-04-04T12:55:00Z
4
value 0.0521
scoring_system epss
scoring_elements 0.89917
published_at 2026-04-07T12:55:00Z
5
value 0.0521
scoring_system epss
scoring_elements 0.89934
published_at 2026-04-08T12:55:00Z
6
value 0.0521
scoring_system epss
scoring_elements 0.8994
published_at 2026-04-09T12:55:00Z
7
value 0.0521
scoring_system epss
scoring_elements 0.89948
published_at 2026-04-11T12:55:00Z
8
value 0.0521
scoring_system epss
scoring_elements 0.89946
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
10
reference_url https://github.com/apache/ws-wss4j
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j
11
reference_url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
12
reference_url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
13
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
14
reference_url https://svn.apache.org/viewvc?view=revision&revision=1621329
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1621329
15
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
16
reference_url http://www.securityfocus.com/bid/72553
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72553
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
reference_id 1191446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
reference_id CVE-2015-0226
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
25
reference_url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
reference_id CVE-2015-0226.TXT.ASC
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
26
reference_url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
reference_id GHSA-vjwc-5hfh-2vv5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
27
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
28
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
29
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
30
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
31
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
32
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
33
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
34
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
aliases CVE-2015-0226, GHSA-vjwc-5hfh-2vv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cjx-y4ey-e3b6
1
url VCID-cnmd-pk6j-fuae
vulnerability_id VCID-cnmd-pk6j-fuae
summary Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0773.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
reference_id
reference_type
scores
0
value 0.13872
scoring_system epss
scoring_elements 0.94301
published_at 2026-04-13T12:55:00Z
1
value 0.13872
scoring_system epss
scoring_elements 0.94269
published_at 2026-04-02T12:55:00Z
2
value 0.13872
scoring_system epss
scoring_elements 0.9428
published_at 2026-04-04T12:55:00Z
3
value 0.13872
scoring_system epss
scoring_elements 0.94282
published_at 2026-04-07T12:55:00Z
4
value 0.13872
scoring_system epss
scoring_elements 0.94291
published_at 2026-04-08T12:55:00Z
5
value 0.13872
scoring_system epss
scoring_elements 0.94295
published_at 2026-04-09T12:55:00Z
6
value 0.13872
scoring_system epss
scoring_elements 0.94299
published_at 2026-04-12T12:55:00Z
7
value 0.13872
scoring_system epss
scoring_elements 0.9426
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0227
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0227
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/100837
11
reference_url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
reference_id
reference_type
scores
url https://github.com/apache/wss4j/commit/5ec5295c9773c9ae43fdc6c3321d0e2af1041e62
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
13
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
reference_id 1191451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191451
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
reference_id CVE-2015-0227
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0227
17
reference_url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
reference_id CVE-2015-0227.TXT.ASC
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ws.apache.org/wss4j/advisories/CVE-2015-0227.txt.asc
18
reference_url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
reference_id GHSA-6r5v-hp32-fjqw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r5v-hp32-fjqw
19
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
20
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
21
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
22
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
23
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
24
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
25
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
26
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
1
url pkg:maven/org.apache.ws.security/wss4j@2.02
purl pkg:maven/org.apache.ws.security/wss4j@2.02
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@2.02
aliases CVE-2015-0227, GHSA-6r5v-hp32-fjqw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cnmd-pk6j-fuae
2
url VCID-wmr9-j6fm-pbap
vulnerability_id VCID-wmr9-j6fm-pbap
summary 
Improper security semantics enforcement of SAML SubjectConfirmation methods
This package when using `TransportBinding`, does not properly enforce the SAML `SubjectConfirmation` method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0236.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0236.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
reference_id
reference_type
scores
0
value 0.0249
scoring_system epss
scoring_elements 0.85314
published_at 2026-04-13T12:55:00Z
1
value 0.0249
scoring_system epss
scoring_elements 0.85242
published_at 2026-04-01T12:55:00Z
2
value 0.0249
scoring_system epss
scoring_elements 0.85254
published_at 2026-04-02T12:55:00Z
3
value 0.0249
scoring_system epss
scoring_elements 0.85273
published_at 2026-04-04T12:55:00Z
4
value 0.0249
scoring_system epss
scoring_elements 0.85274
published_at 2026-04-07T12:55:00Z
5
value 0.0249
scoring_system epss
scoring_elements 0.85296
published_at 2026-04-08T12:55:00Z
6
value 0.0249
scoring_system epss
scoring_elements 0.85304
published_at 2026-04-09T12:55:00Z
7
value 0.0249
scoring_system epss
scoring_elements 0.85319
published_at 2026-04-11T12:55:00Z
8
value 0.0249
scoring_system epss
scoring_elements 0.85317
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
6
reference_url http://seclists.org/oss-sec/2014/q4/437
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q4/437
7
reference_url http://secunia.com/advisories/61909
reference_id
reference_type
scores
url http://secunia.com/advisories/61909
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
9
reference_url https://issues.apache.org/jira/browse/WSS-511
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/WSS-511
10
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
22
reference_url http://www.securityfocus.com/bid/70736
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/70736
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
reference_id 1157304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*
26
reference_url https://bugzilla.redhat.com/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-3623
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
28
reference_url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
reference_id CVE-2014-3623.TXT.ASC
reference_type
scores
url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
29
reference_url https://github.com/advisories/GHSA-99v3-9x35-c5vf
reference_id GHSA-99v3-9x35-c5vf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99v3-9x35-c5vf
30
reference_url https://access.redhat.com/errata/RHSA-2014:2019
reference_id RHSA-2014:2019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2019
31
reference_url https://access.redhat.com/errata/RHSA-2014:2020
reference_id RHSA-2014:2020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2020
32
reference_url https://access.redhat.com/errata/RHSA-2015:0236
reference_id RHSA-2015:0236
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0236
33
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
34
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
35
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
fixed_packages
0
url pkg:maven/org.apache.ws.security/wss4j@1.6.17
purl pkg:maven/org.apache.ws.security/wss4j@1.6.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17
aliases CVE-2014-3623, GHSA-99v3-9x35-c5vf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmr9-j6fm-pbap
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ws.security/wss4j@1.6.17