{"url":"http://public2.vulnerablecode.io/api/packages/118892?format=json","purl":"pkg:rpm/redhat/mod_security-jws3@2.8.0-6.GA.ep7?arch=el7","type":"rpm","namespace":"redhat","name":"mod_security-jws3","version":"2.8.0-6.GA.ep7","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58059?format=json","vulnerability_id":"VCID-2n2t-jyg7-gbev","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8111.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8111","reference_id":"","reference_type":"","scores":[{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.88011","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.87951","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.87962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.87976","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.87979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.88","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.88007","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.88017","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03739","scoring_system":"epss","scoring_elements":"0.8801","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1182591","reference_id":"1182591","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1182591"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783233","reference_id":"783233","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0846","reference_id":"RHSA-2015:0846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0847","reference_id":"RHSA-2015:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0848","reference_id":"RHSA-2015:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0849","reference_id":"RHSA-2015:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1641","reference_id":"RHSA-2015:1641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1642","reference_id":"RHSA-2015:1642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1642"}],"fixed_packages":[],"aliases":["CVE-2014-8111"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2t-jyg7-gbev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4520?format=json","vulnerability_id":"VCID-4mkw-7haq-pkgn","summary":"Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.","references":[{"reference_url":"http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E"},{"reference_url":"http://marc.info/?l=bugtraq&m=144498216801440&w=2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=144498216801440&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=145974991225029&w=2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=145974991225029&w=2"},{"reference_url":"http://openwall.com/lists/oss-security/2015/04/10/1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2015/04/10/1"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1622.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1622.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0595.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0595.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0596.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0596.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0597.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0597.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0598.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0598.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2659","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:2659"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2660","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:2660"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0230","reference_id":"","reference_type":"","scores":[{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90364","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90326","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90324","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90338","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90342","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90356","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.90371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05655","scoring_system":"epss","scoring_elements":"0.9037","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0230"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat70/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat70/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1"},{"reference_url":"https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba"},{"reference_url":"https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51"},{"reference_url":"https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1"},{"reference_url":"https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb"},{"reference_url":"https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5"},{"reference_url":"https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303"},{"reference_url":"https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16"},{"reference_url":"https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"},{"reference_url":"https://issues.jboss.org/browse/JWS-219","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.jboss.org/browse/JWS-219"},{"reference_url":"https://issues.jboss.org/browse/JWS-220","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.jboss.org/browse/JWS-220"},{"reference_url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1603770","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1603770"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1603775","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1603775"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1603779","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1603779"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1603781","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1603781"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1603811","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1603811"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1609175","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1609175"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1609176","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1609176"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1659294","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1659294"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1659295","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1659295"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1659537","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1659537"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1603770","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1603770"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1603775","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1603775"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1603779","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1603779"},{"reference_url":"http://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-6.html"},{"reference_url":"http://tomcat.apache.org/security-7.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-7.html"},{"reference_url":"http://tomcat.apache.org/security-8.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-8.html"},{"reference_url":"http://www.debian.org/security/2016/dsa-3447","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3447"},{"reference_url":"http://www.debian.org/security/2016/dsa-3530","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3530"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-2654-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2654-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2655-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2655-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191200","reference_id":"1191200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230","reference_id":"CVE-2014-0230","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0230","reference_id":"CVE-2014-0230","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0230"},{"reference_url":"https://github.com/advisories/GHSA-pxcx-cxq8-4mmw","reference_id":"GHSA-pxcx-cxq8-4mmw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pxcx-cxq8-4mmw"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1621","reference_id":"RHSA-2015:1621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1622","reference_id":"RHSA-2015:1622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0595","reference_id":"RHSA-2016:0595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0596","reference_id":"RHSA-2016:0596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0597","reference_id":"RHSA-2016:0597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0598","reference_id":"RHSA-2016:0598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0599","reference_id":"RHSA-2016:0599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2599","reference_id":"RHSA-2016:2599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2599"},{"reference_url":"https://usn.ubuntu.com/2654-1/","reference_id":"USN-2654-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2654-1/"},{"reference_url":"https://usn.ubuntu.com/2655-1/","reference_id":"USN-2655-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2655-1/"}],"fixed_packages":[],"aliases":["CVE-2014-0230","GHSA-pxcx-cxq8-4mmw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mkw-7haq-pkgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34923?format=json","vulnerability_id":"VCID-fme4-s7d2-z7bh","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0288.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0288","reference_id":"","reference_type":"","scores":[{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91237","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91242","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91258","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91271","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91278","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91284","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06745","scoring_system":"epss","scoring_elements":"0.91287","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202418","reference_id":"1202418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202418"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0715","reference_id":"RHSA-2015:0715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0716","reference_id":"RHSA-2015:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0752","reference_id":"RHSA-2015:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0800","reference_id":"RHSA-2015:0800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0800"},{"reference_url":"https://usn.ubuntu.com/2537-1/","reference_id":"USN-2537-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2537-1/"}],"fixed_packages":[],"aliases":["CVE-2015-0288"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fme4-s7d2-z7bh"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_security-jws3@2.8.0-6.GA.ep7%3Farch=el7"}