Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jboss-as-domain-management@7.5.5-2.Final_redhat_3.1.ep6?arch=el7

Type rpm

Namespace redhat

Name jboss-as-domain-management

Version 7.5.5-2.Final_redhat_3.1.ep6

Qualifiers

arch	el7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-d35k-bj2z-ayg9

vulnerability_id

VCID-d35k-bj2z-ayg9

summary

InvokerTransformer code execution during deserialization
This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

references

reference_url	http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url	http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1773.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1773.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json

reference_url

https://access.redhat.com/security/vulnerabilities/2059393

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/vulnerabilities/2059393

reference_url

https://access.redhat.com/solutions/2045023

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/solutions/2045023

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7501

reference_id

reference_type

scores

value	0.71461
scoring_system	epss
scoring_elements	0.98743
published_at	2026-06-06T12:55:00Z

value	0.71461
scoring_system	epss
scoring_elements	0.98744
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7501

reference_url

https://arxiv.org/pdf/2306.05534.pdf

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://arxiv.org/pdf/2306.05534.pdf

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1279330

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1279330

reference_url

https://commons.apache.org/proper/commons-collections/release_4_1.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://commons.apache.org/proper/commons-collections/release_4_1.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501

reference_url

https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability

reference_url	https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url	https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

reference_url

https://github.com/apache/commons-collections

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-collections

reference_url

https://issues.apache.org/jira/browse/COLLECTIONS-580.

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/COLLECTIONS-580.

reference_url

https://sourceforge.net/p/collections/code/HEAD/tree

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://sourceforge.net/p/collections/code/HEAD/tree

reference_url	https://sourceforge.net/p/collections/code/HEAD/tree/
reference_id
reference_type
scores
url	https://sourceforge.net/p/collections/code/HEAD/tree/

reference_url

https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501

reference_id

CVE-2015-7501

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7501

reference_id

CVE-2015-7501

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7501

reference_url

https://github.com/advisories/GHSA-fjq5-5j5f-mvxh

reference_id

GHSA-fjq5-5j5f-mvxh

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fjq5-5j5f-mvxh

reference_url	https://access.redhat.com/errata/RHSA-2015:2500
reference_id	RHSA-2015:2500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2500

reference_url	https://access.redhat.com/errata/RHSA-2015:2501
reference_id	RHSA-2015:2501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2501

reference_url	https://access.redhat.com/errata/RHSA-2015:2502
reference_id	RHSA-2015:2502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2502

reference_url	https://access.redhat.com/errata/RHSA-2015:2514
reference_id	RHSA-2015:2514
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2514

reference_url	https://access.redhat.com/errata/RHSA-2015:2516
reference_id	RHSA-2015:2516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2516

reference_url	https://access.redhat.com/errata/RHSA-2015:2517
reference_id	RHSA-2015:2517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2517

reference_url	https://access.redhat.com/errata/RHSA-2015:2521
reference_id	RHSA-2015:2521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2521

reference_url	https://access.redhat.com/errata/RHSA-2015:2522
reference_id	RHSA-2015:2522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2522

reference_url	https://access.redhat.com/errata/RHSA-2015:2523
reference_id	RHSA-2015:2523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2523

reference_url	https://access.redhat.com/errata/RHSA-2015:2524
reference_id	RHSA-2015:2524
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2524

reference_url	https://access.redhat.com/errata/RHSA-2015:2534
reference_id	RHSA-2015:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2534

reference_url	https://access.redhat.com/errata/RHSA-2015:2535
reference_id	RHSA-2015:2535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2535

reference_url	https://access.redhat.com/errata/RHSA-2015:2536
reference_id	RHSA-2015:2536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2536

reference_url	https://access.redhat.com/errata/RHSA-2015:2537
reference_id	RHSA-2015:2537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2537

reference_url	https://access.redhat.com/errata/RHSA-2015:2538
reference_id	RHSA-2015:2538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2538

reference_url	https://access.redhat.com/errata/RHSA-2015:2539
reference_id	RHSA-2015:2539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2539

reference_url	https://access.redhat.com/errata/RHSA-2015:2540
reference_id	RHSA-2015:2540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2540

reference_url	https://access.redhat.com/errata/RHSA-2015:2541
reference_id	RHSA-2015:2541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2541

reference_url	https://access.redhat.com/errata/RHSA-2015:2542
reference_id	RHSA-2015:2542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2542

reference_url	https://access.redhat.com/errata/RHSA-2015:2547
reference_id	RHSA-2015:2547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2547

reference_url	https://access.redhat.com/errata/RHSA-2015:2548
reference_id	RHSA-2015:2548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2548

reference_url	https://access.redhat.com/errata/RHSA-2015:2556
reference_id	RHSA-2015:2556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2556

reference_url	https://access.redhat.com/errata/RHSA-2015:2557
reference_id	RHSA-2015:2557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2557

reference_url	https://access.redhat.com/errata/RHSA-2015:2559
reference_id	RHSA-2015:2559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2559

reference_url	https://access.redhat.com/errata/RHSA-2015:2560
reference_id	RHSA-2015:2560
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2560

reference_url	https://access.redhat.com/errata/RHSA-2015:2578
reference_id	RHSA-2015:2578
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2578

reference_url	https://access.redhat.com/errata/RHSA-2015:2579
reference_id	RHSA-2015:2579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2579

reference_url	https://access.redhat.com/errata/RHSA-2015:2670
reference_id	RHSA-2015:2670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2670

reference_url	https://access.redhat.com/errata/RHSA-2015:2671
reference_id	RHSA-2015:2671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2671

reference_url	https://access.redhat.com/errata/RHSA-2016:0040
reference_id	RHSA-2016:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0040

reference_url	https://access.redhat.com/errata/RHSA-2016:0118
reference_id	RHSA-2016:0118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0118

reference_url	https://access.redhat.com/errata/RHSA-2016:1773
reference_id	RHSA-2016:1773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1773

reference_url	https://access.redhat.com/errata/RHSA-2020:4274
reference_id	RHSA-2020:4274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4274

fixed_packages

aliases

CVE-2015-7501, GHSA-fjq5-5j5f-mvxh

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-d35k-bj2z-ayg9

url VCID-p9re-b9ku-4qc2

vulnerability_id VCID-p9re-b9ku-4qc2

summary EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5304.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5304.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5304

reference_id

reference_type

scores

value	0.01287
scoring_system	epss
scoring_elements	0.7998
published_at	2026-06-04T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.80005
published_at	2026-06-07T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.80011
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5304

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1273046
reference_id	1273046
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1273046

reference_url	https://access.redhat.com/errata/RHSA-2015:2538
reference_id	RHSA-2015:2538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2538

reference_url	https://access.redhat.com/errata/RHSA-2015:2539
reference_id	RHSA-2015:2539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2539

reference_url	https://access.redhat.com/errata/RHSA-2015:2540
reference_id	RHSA-2015:2540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2540

reference_url	https://access.redhat.com/errata/RHSA-2015:2541
reference_id	RHSA-2015:2541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2541

reference_url	https://access.redhat.com/errata/RHSA-2015:2542
reference_id	RHSA-2015:2542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2542

fixed_packages

aliases CVE-2015-5304

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9re-b9ku-4qc2

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-as-domain-management@7.5.5-2.Final_redhat_3.1.ep6%3Farch=el7

Package Instance