Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.0
Typemaven
Namespaceorg.apache.wss4j
Namewss4j-ws-security-dom
Version2.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.0.2
Latest_non_vulnerable_version3.0.2
Affected_by_vulnerabilities
0
url VCID-6vju-5x5m-mube
vulnerability_id VCID-6vju-5x5m-mube
summary Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0846.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0846.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0847.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0847.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0848.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0848.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0849.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0849.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1376
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1376
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0226.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
reference_id
reference_type
scores
0
value 0.0521
scoring_system epss
scoring_elements 0.90185
published_at 2026-06-12T12:55:00Z
1
value 0.0521
scoring_system epss
scoring_elements 0.90154
published_at 2026-06-11T12:55:00Z
2
value 0.0521
scoring_system epss
scoring_elements 0.90192
published_at 2026-06-14T12:55:00Z
3
value 0.0521
scoring_system epss
scoring_elements 0.90194
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0226
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0226
10
reference_url https://github.com/apache/ws-wss4j
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j
11
reference_url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/970b3e3756e2c75bf2379ce198365e1a7168c3c3
12
reference_url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/ws-wss4j/commit/de5104b30ddde5fe7388ad57e1c5ace5c5509924
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0226
14
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
15
reference_url https://svn.apache.org/viewvc?view=revision&revision=1621329
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1621329
16
reference_url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
reference_id 1191446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191446
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
reference_id 777741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777741
19
reference_url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
reference_id GHSA-vjwc-5hfh-2vv5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vjwc-5hfh-2vv5
20
reference_url https://access.redhat.com/errata/RHSA-2015:0773
reference_id RHSA-2015:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0773
21
reference_url https://access.redhat.com/errata/RHSA-2015:0846
reference_id RHSA-2015:0846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0846
22
reference_url https://access.redhat.com/errata/RHSA-2015:0847
reference_id RHSA-2015:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0847
23
reference_url https://access.redhat.com/errata/RHSA-2015:0848
reference_id RHSA-2015:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0848
24
reference_url https://access.redhat.com/errata/RHSA-2015:0849
reference_id RHSA-2015:0849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0849
25
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
26
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
27
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
fixed_packages
0
url pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
purl pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
aliases CVE-2015-0226, GHSA-vjwc-5hfh-2vv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vju-5x5m-mube
1
url VCID-ngfd-6rfm-m7fw
vulnerability_id VCID-ngfd-6rfm-m7fw
summary Improper Authentication in Apache WSS4J
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0236.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0236.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3623.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
reference_id
reference_type
scores
0
value 0.0249
scoring_system epss
scoring_elements 0.85689
published_at 2026-06-14T12:55:00Z
1
value 0.0249
scoring_system epss
scoring_elements 0.85635
published_at 2026-06-11T12:55:00Z
2
value 0.0249
scoring_system epss
scoring_elements 0.85696
published_at 2026-06-13T12:55:00Z
3
value 0.0249
scoring_system epss
scoring_elements 0.85687
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3623
6
reference_url http://seclists.org/oss-sec/2014/q4/437
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q4/437
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/97754
8
reference_url https://issues.apache.org/jira/browse/WSS-511
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/WSS-511
9
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
reference_id 1157304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1157304
16
reference_url https://bugzilla.redhat.com/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-3623
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
reference_id CVE-2014-3623
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3623
18
reference_url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
reference_id CVE-2014-3623.TXT.ASC
reference_type
scores
url http://cxf.apache.org/security-advisories.data/CVE-2014-3623.txt.asc
19
reference_url https://github.com/advisories/GHSA-99v3-9x35-c5vf
reference_id GHSA-99v3-9x35-c5vf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99v3-9x35-c5vf
20
reference_url https://access.redhat.com/errata/RHSA-2014:2019
reference_id RHSA-2014:2019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2019
21
reference_url https://access.redhat.com/errata/RHSA-2014:2020
reference_id RHSA-2014:2020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2020
22
reference_url https://access.redhat.com/errata/RHSA-2015:0236
reference_id RHSA-2015:0236
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0236
23
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
24
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
25
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
fixed_packages
0
url pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
purl pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.2
1
url pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@3.0.2
purl pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@3.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@3.0.2
aliases CVE-2014-3623, GHSA-99v3-9x35-c5vf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngfd-6rfm-m7fw
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.0.0