Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-vatr-ygcg-f3au

Summary The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."

Aliases

alias	CVE-2015-5253

alias	GHSA-3336-h95j-hvvf

Fixed_packages

url pkg:maven/org.apache.cxf/cxf-core@3.0.7

purl pkg:maven/org.apache.cxf/cxf-core@3.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.7

url pkg:maven/org.apache.cxf/cxf-core@3.1.3

purl pkg:maven/org.apache.cxf/cxf-core@3.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.1.3

url	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.18
purl	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.18

url	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.7
purl	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.7

url	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.3
purl	pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.3

Affected_packages

url pkg:maven/org.apache.cxf/cxf-core@2.7.17

purl pkg:maven/org.apache.cxf/cxf-core@2.7.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@2.7.17

url pkg:maven/org.apache.cxf/cxf-core@3.0.0

purl pkg:maven/org.apache.cxf/cxf-core@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.0

url pkg:maven/org.apache.cxf/cxf-core@3.0.1

purl pkg:maven/org.apache.cxf/cxf-core@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.1

url pkg:maven/org.apache.cxf/cxf-core@3.0.2

purl pkg:maven/org.apache.cxf/cxf-core@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.2

url pkg:maven/org.apache.cxf/cxf-core@3.0.3

purl pkg:maven/org.apache.cxf/cxf-core@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.3

url pkg:maven/org.apache.cxf/cxf-core@3.0.4

purl pkg:maven/org.apache.cxf/cxf-core@3.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.4

url pkg:maven/org.apache.cxf/cxf-core@3.0.5

purl pkg:maven/org.apache.cxf/cxf-core@3.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.5

url pkg:maven/org.apache.cxf/cxf-core@3.0.6

purl pkg:maven/org.apache.cxf/cxf-core@3.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.0.6

url pkg:maven/org.apache.cxf/cxf-core@3.1.0

purl pkg:maven/org.apache.cxf/cxf-core@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.1.0

url pkg:maven/org.apache.cxf/cxf-core@3.1.1

purl pkg:maven/org.apache.cxf/cxf-core@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.1.1

url pkg:maven/org.apache.cxf/cxf-core@3.1.2

purl pkg:maven/org.apache.cxf/cxf-core@3.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-669s-jgrm-efgg

vulnerability	VCID-6nvj-sh6e-q3h3

vulnerability	VCID-b3sp-rdja-cuf5

vulnerability	VCID-d68d-u8dc-r3be

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-edja-kj1j-7kh5

vulnerability	VCID-efw6-swgm-4fbc

vulnerability	VCID-fekg-fn5e-augk

vulnerability	VCID-j1db-vh8s-6yaz

vulnerability	VCID-sb6r-52yp-x7g5

vulnerability	VCID-tw87-3mzf-8uem

vulnerability	VCID-vatr-ygcg-f3au

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

vulnerability	VCID-yqr6-8zk9-4fgv

vulnerability	VCID-ytk3-rjrf-wfh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.1.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.3

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.11

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.11

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.12

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.12

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.13

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.13

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.14

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.14

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.15

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.15

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.16

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.16

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.17

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.6.17

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.3

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.11

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.11

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.12

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.12

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.13

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.13

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.14

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.14

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.15

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.15

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.16

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.16

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.17

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@2.7.17

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.3

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.0.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vatr-ygcg-f3au

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.1.2

References

reference_url

http://rhn.redhat.com/errata/RHSA-2016-0321.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-0321.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5253.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5253.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5253

reference_id

reference_type

scores

value	0.00336
scoring_system	epss
scoring_elements	0.56544
published_at	2026-04-16T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56387
published_at	2026-04-01T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56485
published_at	2026-04-02T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56507
published_at	2026-04-04T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56487
published_at	2026-04-07T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56538
published_at	2026-04-08T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56543
published_at	2026-04-09T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56553
published_at	2026-04-11T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.56529
published_at	2026-04-12T12:55:00Z

value	0.00336
scoring_system	epss
scoring_elements	0.5651
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5253

reference_url

https://github.com/apache/cxf

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/cxf

reference_url

https://github.com/apache/cxf/commit/02245c656941f28b6b2be5e461e6db04a70d2436

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/cxf/commit/02245c656941f28b6b2be5e461e6db04a70d2436

reference_url

https://github.com/apache/cxf/commit/1c2a53080004d6ce275f2e70f46a0098d4140787

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/cxf/commit/1c2a53080004d6ce275f2e70f46a0098d4140787

reference_url

https://github.com/apache/cxf/commit/845eccb6484b43ba02875c71e824db23ae4f20c0

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/cxf/commit/845eccb6484b43ba02875c71e824db23ae4f20c0

reference_url	https://github.com/apache/cxf/commit/845eccb6484b43ba02875c71e824db23ae4f20c0#diff-921f09f2f42d9dee79e60428679f11cd4788a33854bb957f18ded6c939f585fd
reference_id
reference_type
scores
url	https://github.com/apache/cxf/commit/845eccb6484b43ba02875c71e824db23ae4f20c0#diff-921f09f2f42d9dee79e60428679f11cd4788a33854bb957f18ded6c939f585fd

reference_url	https://git-wip-us.apache.org/repos/asf?p=cxf.git%3Ba=commitdiff%3Bh=845eccb6484b43ba02875c71e824db23ae4f20c0
reference_id
reference_type
scores
url	https://git-wip-us.apache.org/repos/asf?p=cxf.git%3Ba=commitdiff%3Bh=845eccb6484b43ba02875c71e824db23ae4f20c0

reference_url

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0

reference_url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

reference_url

http://www.openwall.com/lists/oss-security/2015/11/14/1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2015/11/14/1

reference_url	http://www.securitytracker.com/id/1034162
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034162

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1282411
reference_id	1282411
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1282411

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf::::::::
reference_id	cpe:2.3:a:apache:cxf::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5253

reference_id

CVE-2015-5253

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5253

reference_url

http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc

reference_id

CVE-2015-5253.TXT.ASC

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc

reference_url

https://github.com/advisories/GHSA-3336-h95j-hvvf

reference_id

GHSA-3336-h95j-hvvf

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3336-h95j-hvvf

reference_url	https://access.redhat.com/errata/RHSA-2016:0321
reference_id	RHSA-2016:0321
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0321

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	264
name	Permissions, Privileges, and Access Controls
description	Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	284
name	Improper Access Control
description	The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vatr-ygcg-f3au

Vulnerability Instance