Search for packages
| purl | pkg:rpm/redhat/jboss-as-protocol@7.5.16-1.Final_redhat_1.1.ep6?arch=el5 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3cr9-g81m-4ugy
Aliases: CVE-2016-5018 GHSA-4v3g-g84w-hv7r |
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. | There are no reported fixed by versions. |
|
VCID-3n4t-bvb1-5qer
Aliases: CVE-2016-6796 GHSA-3mjp-p938-4329 |
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. | There are no reported fixed by versions. |
|
VCID-jtbq-4rr9-vud6
Aliases: CVE-2017-2595 |
wildfly: Arbitrary file read via path traversal | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:33:53.045285+00:00 | RedHat Importer | Affected by | VCID-3cr9-g81m-4ugy | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5018.json | 38.0.0 |
| 2026-04-01T14:33:47.159931+00:00 | RedHat Importer | Affected by | VCID-3n4t-bvb1-5qer | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6796.json | 38.0.0 |
| 2026-04-01T14:30:22.241200+00:00 | RedHat Importer | Affected by | VCID-jtbq-4rr9-vud6 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2595.json | 38.0.0 |