VulnerableCode Package Details - pkg:rpm/redhat/jboss-seam-int@6.0.0-10.GA_redhat_3.1.ep6?arch=el7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/jboss-seam-int@6.0.0-10.GA_redhat_3.1.ep6?arch=el7

Essentials
History (7)

purl	pkg:rpm/redhat/jboss-seam-int@6.0.0-10.GA_redhat_3.1.ep6?arch=el7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-4pvv-qtjm-juhm Aliases: CVE-2014-3586	CLI: Insecure default permissions on history file	There are no reported fixed by versions.
VCID-737n-bb5z-g3gk Aliases: CVE-2015-0227 GHSA-6r5v-hp32-fjqw	Improper Access Control in Apache WSS4J Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."	There are no reported fixed by versions.
VCID-fbvb-p92z-63fd Aliases: CVE-2015-0277	PicketLink: SP does not take Audience condition of a SAML assertion into account	There are no reported fixed by versions.
VCID-n4jc-awv6-j7h6 Aliases: CVE-2015-0226 GHSA-vjwc-5hfh-2vv5	Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.	There are no reported fixed by versions.
VCID-re6x-g4vf-77d3 Aliases: CVE-2015-0298	mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages	There are no reported fixed by versions.
VCID-tbj1-ktxx-n7ak Aliases: CVE-2014-8111	mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing	There are no reported fixed by versions.
VCID-uybr-5rcr-rqgw Aliases: CVE-2015-6254	PicketLink: Lack of validation for the Destination attribute in a Response element in a SAML assertion	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-29T10:01:03.897173+00:00	RedHat Importer	Affected by	VCID-737n-bb5z-g3gk	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0227.json	38.6.0
2026-05-29T10:00:51.830190+00:00	RedHat Importer	Affected by	VCID-n4jc-awv6-j7h6	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json	38.6.0
2026-05-29T09:59:47.159141+00:00	RedHat Importer	Affected by	VCID-4pvv-qtjm-juhm	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3586.json	38.6.0
2026-05-29T09:59:05.240642+00:00	RedHat Importer	Affected by	VCID-uybr-5rcr-rqgw	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6254.json	38.6.0
2026-05-29T09:58:50.775310+00:00	RedHat Importer	Affected by	VCID-fbvb-p92z-63fd	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0277.json	38.6.0
2026-05-29T09:58:40.257142+00:00	RedHat Importer	Affected by	VCID-tbj1-ktxx-n7ak	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8111.json	38.6.0
2026-05-29T09:58:13.380025+00:00	RedHat Importer	Affected by	VCID-re6x-g4vf-77d3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0298.json	38.6.0