Search for packages
| purl | pkg:rpm/redhat/weld-core@1.1.17-1.Final_redhat_1.1.ep6?arch=el6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-h8wa-77tk-m3av
Aliases: CVE-2013-4517 GHSA-4p4w-6h54-g885 |
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures. | There are no reported fixed by versions. |
|
VCID-mpfh-7815-7bcg
Aliases: CVE-2014-0018 |
jboss-as-server: Unchecked access to MSC Service Registry under JSM | There are no reported fixed by versions. |
|
VCID-z9nz-nkff-kfez
Aliases: CVE-2013-6440 GHSA-v723-58jv-2qc4 |
XML eXternal Entity (XXE) flaw in ParserPool and Decrypter The `BasicParserPool`, `StaticBasicParserPool`, XML Decrypter, and SAML Decrypter in this package set the expandEntityReferences property to `true`, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:49:42.379901+00:00 | RedHat Importer | Affected by | VCID-h8wa-77tk-m3av | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4517.json | 38.0.0 |
| 2026-04-01T14:49:15.878665+00:00 | RedHat Importer | Affected by | VCID-z9nz-nkff-kfez | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6440.json | 38.0.0 |
| 2026-04-01T14:49:09.615134+00:00 | RedHat Importer | Affected by | VCID-mpfh-7815-7bcg | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0018.json | 38.0.0 |