VulnerableCode Package Details - pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7?arch=el6

purl	pkg:rpm/redhat/eap7-xml-security@2.0.8-1.redhat_1.1.ep7?arch=el6

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-hexa-jm8k-y3hc Aliases: CVE-2016-8656	jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation	There are no reported fixed by versions.
VCID-tzmu-y1p4-8bac Aliases: CVE-2016-9589 GHSA-p4xg-cpr9-vwvj	Uncontrolled Resource Consumption Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:34:55.072692+00:00	RedHat Importer	Affected by	VCID-hexa-jm8k-y3hc	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8656.json	38.0.0
2026-04-01T14:31:41.820787+00:00	RedHat Importer	Affected by	VCID-tzmu-y1p4-8bac	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9589.json	38.0.0