Look up vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jboss-as-jsf@7.4.3-3.Final_redhat_2.1.ep6?arch=el5
Type rpm
Namespace redhat
Name jboss-as-jsf
Version 7.4.3-3.Final_redhat_2.1.ep6
Qualifiers
arch el5
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-2u9c-d6qt-syg8
vulnerability_id VCID-2u9c-d6qt-syg8
summary
Wrong security context loaded when using SAML2 STS Login Module
The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7827.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7827.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7827
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54944
published_at 2026-06-04T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.55002
published_at 2026-06-05T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.55011
published_at 2026-06-06T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.55001
published_at 2026-06-07T12:55:00Z
4
value 0.00316
scoring_system epss
scoring_elements 0.54983
published_at 2026-06-08T12:55:00Z
5
value 0.00316
scoring_system epss
scoring_elements 0.55004
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7827
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1160574
reference_id 1160574
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1160574
3
reference_url https://bugzilla.redhat.com/CVE-2014-7827
reference_id CVE-2014-7827
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-7827
4
reference_url https://access.redhat.com/errata/RHSA-2015:0215
reference_id RHSA-2015:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0215
5
reference_url https://access.redhat.com/errata/RHSA-2015:0216
reference_id RHSA-2015:0216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0216
6
reference_url https://access.redhat.com/errata/RHSA-2015:0217
reference_id RHSA-2015:0217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0217
7
reference_url https://access.redhat.com/errata/RHSA-2015:0218
reference_id RHSA-2015:0218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0218
8
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
9
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
fixed_packages
aliases CVE-2014-7827
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u9c-d6qt-syg8
1
url VCID-a7z7-bpv6-wuhj
vulnerability_id VCID-a7z7-bpv6-wuhj
summary
External entities expanded by DocumentProvider
`DocumentProvider` in this package does not configure the external-general-entities or external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0773.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7839.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7839.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7839
reference_id
reference_type
scores
0
value 0.01262
scoring_system epss
scoring_elements 0.79767
published_at 2026-06-04T12:55:00Z
1
value 0.01262
scoring_system epss
scoring_elements 0.798
published_at 2026-06-09T12:55:00Z
2
value 0.01262
scoring_system epss
scoring_elements 0.79781
published_at 2026-06-08T12:55:00Z
3
value 0.01262
scoring_system epss
scoring_elements 0.79792
published_at 2026-06-07T12:55:00Z
4
value 0.01262
scoring_system epss
scoring_elements 0.79798
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7839
6
reference_url https://github.com/resteasy/Resteasy
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/Resteasy
7
reference_url https://github.com/resteasy/resteasy/pull/611/commits/3ab999c899c455a0b0a00bf5e455ed3e8d9ae347
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/resteasy/pull/611/commits/3ab999c899c455a0b0a00bf5e455ed3e8d9ae347
8
reference_url https://github.com/resteasy/resteasy/pull/611/commits/8b5d8cfc963794a74636d9a840e899408ec8fdc6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/resteasy/pull/611/commits/8b5d8cfc963794a74636d9a840e899408ec8fdc6
9
reference_url https://issues.jboss.org/browse/RESTEASY-1130
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/RESTEASY-1130
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7839
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7839
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1165328
reference_id 1165328
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1165328
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770544
reference_id 770544
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770544
13
reference_url https://bugzilla.redhat.com/CVE-2014-7839
reference_id CVE-2014-7839
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-7839
14
reference_url https://github.com/advisories/GHSA-pc54-pchm-xcw6
reference_id GHSA-pc54-pchm-xcw6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pc54-pchm-xcw6
15
reference_url https://access.redhat.com/errata/RHSA-2015:0215
reference_id RHSA-2015:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0215
16
reference_url https://access.redhat.com/errata/RHSA-2015:0216
reference_id RHSA-2015:0216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0216
17
reference_url https://access.redhat.com/errata/RHSA-2015:0217
reference_id RHSA-2015:0217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0217
18
reference_url https://access.redhat.com/errata/RHSA-2015:0218
reference_id RHSA-2015:0218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0218
19
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
20
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
21
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
22
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
23
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
fixed_packages
aliases CVE-2014-7839, GHSA-pc54-pchm-xcw6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7z7-bpv6-wuhj
2
url VCID-h56z-q2b9-4qb8
vulnerability_id VCID-h56z-q2b9-4qb8
summary Subsystem: Information disclosure via incorrect sensitivity classification of attribute
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7853.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7853.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7853
reference_id
reference_type
scores
0
value 0.00428
scoring_system epss
scoring_elements 0.62793
published_at 2026-06-04T12:55:00Z
1
value 0.00428
scoring_system epss
scoring_elements 0.62837
published_at 2026-06-09T12:55:00Z
2
value 0.00428
scoring_system epss
scoring_elements 0.62846
published_at 2026-06-06T12:55:00Z
3
value 0.00428
scoring_system epss
scoring_elements 0.62836
published_at 2026-06-07T12:55:00Z
4
value 0.00428
scoring_system epss
scoring_elements 0.62822
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7853
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1165522
reference_id 1165522
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1165522
3
reference_url https://access.redhat.com/errata/RHSA-2015:0215
reference_id RHSA-2015:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0215
4
reference_url https://access.redhat.com/errata/RHSA-2015:0216
reference_id RHSA-2015:0216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0216
5
reference_url https://access.redhat.com/errata/RHSA-2015:0217
reference_id RHSA-2015:0217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0217
6
reference_url https://access.redhat.com/errata/RHSA-2015:0218
reference_id RHSA-2015:0218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0218
7
reference_url https://access.redhat.com/errata/RHSA-2015:0920
reference_id RHSA-2015:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0920
fixed_packages
aliases CVE-2014-7853
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h56z-q2b9-4qb8
3
url VCID-rhqx-ze7c-53bc
vulnerability_id VCID-rhqx-ze7c-53bc
summary
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
Race condition in JBoss Weld Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0215.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0215.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0216.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0216.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0217.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0217.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0218.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0218.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0773.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-0920.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0920.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8122.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8122.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8122
reference_id
reference_type
scores
0
value 0.00754
scoring_system epss
scoring_elements 0.73622
published_at 2026-06-09T12:55:00Z
1
value 0.00754
scoring_system epss
scoring_elements 0.73583
published_at 2026-06-04T12:55:00Z
2
value 0.00754
scoring_system epss
scoring_elements 0.73619
published_at 2026-06-05T12:55:00Z
3
value 0.00754
scoring_system epss
scoring_elements 0.73624
published_at 2026-06-06T12:55:00Z
4
value 0.00754
scoring_system epss
scoring_elements 0.73611
published_at 2026-06-07T12:55:00Z
5
value 0.00754
scoring_system epss
scoring_elements 0.73596
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8122
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/100892
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/100892
12
reference_url https://github.com/victims/victims-cve-db/blob/master/database/java/2014/8122.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/victims/victims-cve-db/blob/master/database/java/2014/8122.yaml
13
reference_url https://github.com/weld/core
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/weld/core
14
reference_url https://github.com/weld/core/commit/29fd1107fd30579ad9bb23fae4dc3ba464205745
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/weld/core/commit/29fd1107fd30579ad9bb23fae4dc3ba464205745
15
reference_url https://github.com/weld/core/commit/6808b11cd6d97c71a2eed754ed4f955acd789086
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/weld/core/commit/6808b11cd6d97c71a2eed754ed4f955acd789086
16
reference_url https://github.com/weld/core/commit/8e413202fa1af08c09c580f444e4fd16874f9c65
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/weld/core/commit/8e413202fa1af08c09c580f444e4fd16874f9c65
17
reference_url http://www.securityfocus.com/bid/74252
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/74252
18
reference_url http://www.securitytracker.com/id/1031741
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1031741
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1169237
reference_id 1169237
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1169237
20
reference_url https://bugzilla.redhat.com/CVE-2014-8122
reference_id CVE-2014-8122
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-8122
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8122
reference_id CVE-2014-8122
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-8122
22
reference_url https://github.com/advisories/GHSA-338v-3958-8v8r
reference_id GHSA-338v-3958-8v8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-338v-3958-8v8r
23
reference_url https://access.redhat.com/errata/RHSA-2015:0215
reference_id RHSA-2015:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0215
24
reference_url https://access.redhat.com/errata/RHSA-2015:0216
reference_id RHSA-2015:0216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0216
25
reference_url https://access.redhat.com/errata/RHSA-2015:0217
reference_id RHSA-2015:0217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0217
26
reference_url https://access.redhat.com/errata/RHSA-2015:0218
reference_id RHSA-2015:0218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0218
27
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
28
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
29
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
30
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
31
reference_url https://access.redhat.com/errata/RHSA-2015:0920
reference_id RHSA-2015:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0920
fixed_packages
aliases CVE-2014-8122, GHSA-338v-3958-8v8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhqx-ze7c-53bc
4
url VCID-rthc-mq1v-jbgw
vulnerability_id VCID-rthc-mq1v-jbgw
summary Management: Limited RBAC authorization bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7849.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7849.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7849
reference_id
reference_type
scores
0
value 0.004
scoring_system epss
scoring_elements 0.6102
published_at 2026-06-04T12:55:00Z
1
value 0.004
scoring_system epss
scoring_elements 0.61069
published_at 2026-06-05T12:55:00Z
2
value 0.004
scoring_system epss
scoring_elements 0.61076
published_at 2026-06-06T12:55:00Z
3
value 0.004
scoring_system epss
scoring_elements 0.61065
published_at 2026-06-09T12:55:00Z
4
value 0.004
scoring_system epss
scoring_elements 0.61047
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7849
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1165170
reference_id 1165170
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1165170
3
reference_url https://access.redhat.com/errata/RHSA-2015:0215
reference_id RHSA-2015:0215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0215
4
reference_url https://access.redhat.com/errata/RHSA-2015:0216
reference_id RHSA-2015:0216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0216
5
reference_url https://access.redhat.com/errata/RHSA-2015:0217
reference_id RHSA-2015:0217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0217
6
reference_url https://access.redhat.com/errata/RHSA-2015:0218
reference_id RHSA-2015:0218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0218
7
reference_url https://access.redhat.com/errata/RHSA-2015:0920
reference_id RHSA-2015:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0920
fixed_packages
aliases CVE-2014-7849
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rthc-mq1v-jbgw
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-as-jsf@7.4.3-3.Final_redhat_2.1.ep6%3Farch=el5