VulnerableCode Package Details - pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-15.SP12_redhat

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-15.SP12_redhat_3.1.ep7?arch=el7

purl	pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-15.SP12_redhat_3.1.ep7?arch=el7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-g7n5-h7g7-uqbn Aliases: CVE-2018-10934	wildfly-core: Cross-site scripting (XSS) in JBoss Management Console	There are no reported fixed by versions.
VCID-nmya-eyxd-9ybe Aliases: CVE-2018-1000632 GHSA-6pcc-3rfx-4gpm	dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.	There are no reported fixed by versions.
VCID-rqvc-k1jm-9kg9 Aliases: CVE-2018-14642 GHSA-vf6r-mmhc-3xcm	Information Exposure An information leak vulnerability was found in Undertow. If all headers are not written out in the first `write()` call, the code that handles flushing the buffer will always write out the full contents of the `writevBuffer` buffer, which may contain data from previous requests.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:23:48.848980+00:00	RedHat Importer	Affected by	VCID-nmya-eyxd-9ybe	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000632.json	38.0.0
2026-04-01T14:22:50.943643+00:00	RedHat Importer	Affected by	VCID-g7n5-h7g7-uqbn	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10934.json	38.0.0
2026-04-01T14:22:21.428109+00:00	RedHat Importer	Affected by	VCID-rqvc-k1jm-9kg9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14642.json	38.0.0