{"url":"http://public2.vulnerablecode.io/api/packages/128855?format=json","purl":"pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.4.el5?arch=2","type":"rpm","namespace":"redhat","name":"glassfish-jaxb","version":"2.1.4-1jpp.ep1.4.el5","qualifiers":{"arch":"2"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88338?format=json","vulnerability_id":"VCID-6h78-yqz1-xkbw","summary":"JBossEAP  allows download of non-EJB class files","references":[{"reference_url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458823","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458823"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3519.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3519","reference_id":"","reference_type":"","scores":[{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72189","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72063","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72069","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72089","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72115","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72137","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72122","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72107","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72156","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72142","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72185","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72195","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3519"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45305","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45305"},{"reference_url":"http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp04/html-single/readme/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp04/html-single/readme/index.html"},{"reference_url":"http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp02/html-single/readme/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp02/html-single/readme/index.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html"},{"reference_url":"http://www.securityfocus.com/bid/31300","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31300"},{"reference_url":"http://www.securitytracker.com/id?1020905","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458823","reference_id":"458823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458823"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp01:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp01:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp01:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp02:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp02:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:cp02:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp01:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp01:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp01:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp03:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp03:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp03:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3519","reference_id":"CVE-2008-3519","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0831","reference_id":"RHSA-2008:0831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0832","reference_id":"RHSA-2008:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0833","reference_id":"RHSA-2008:0833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0834","reference_id":"RHSA-2008:0834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0834"}],"fixed_packages":[],"aliases":["CVE-2008-3519"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h78-yqz1-xkbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4761?format=json","vulnerability_id":"VCID-hhkg-mfp5-2kax","summary":"The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5342.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5342.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5342","reference_id":"","reference_type":"","scores":[{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95193","published_at":"2026-04-18T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95189","published_at":"2026-04-16T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95181","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95178","published_at":"2026-04-12T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95172","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95168","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95158","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95145","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95156","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95196","published_at":"2026-04-29T12:55:00Z"},{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95197","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5342"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200804-10.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-200804-10.xml"},{"reference_url":"http://securityreason.com/securityalert/3485","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securityreason.com/securityalert/3485"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/39201","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/39201"},{"reference_url":"https://github.com/apache/tomcat/tree/main/java/org/apache/juli","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/tree/main/java/org/apache/juli"},{"reference_url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=606594","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=rev&revision=606594"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html"},{"reference_url":"http://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-5.html"},{"reference_url":"http://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-6.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1447","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2008/dsa-1447"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:188","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:188"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0042.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0042.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0195.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0195.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0862.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0862.html"},{"reference_url":"http://www.securityfocus.com/archive/1/485481/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/485481/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/507985/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/507985/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/27006","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/27006"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2008-0010.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2008-0010.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2009-0016.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2009-0016.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427216","reference_id":"427216","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342","reference_id":"CVE-2007-5342","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5342","reference_id":"CVE-2007-5342","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5342"},{"reference_url":"https://github.com/advisories/GHSA-w65j-cmqc-37p2","reference_id":"GHSA-w65j-cmqc-37p2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w65j-cmqc-37p2"},{"reference_url":"https://security.gentoo.org/glsa/200804-10","reference_id":"GLSA-200804-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0042","reference_id":"RHSA-2008:0042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0195","reference_id":"RHSA-2008:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0831","reference_id":"RHSA-2008:0831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0832","reference_id":"RHSA-2008:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0833","reference_id":"RHSA-2008:0833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0834","reference_id":"RHSA-2008:0834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0834"}],"fixed_packages":[],"aliases":["CVE-2007-5342","GHSA-w65j-cmqc-37p2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhkg-mfp5-2kax"}],"fixing_vulnerabilities":[],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.4.el5%3Farch=2"}