{"url":"http://public2.vulnerablecode.io/api/packages/319446?format=json","purl":"pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.2?arch=el4","type":"rpm","namespace":"redhat","name":"java-1.5.0-ibm","version":"1:1.5.0.5-1jpp.2","qualifiers":{"arch":"el4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76041?format=json","vulnerability_id":"VCID-4zu4-fbzz-cfc7","summary":"java: Vulnerability in the font parsing code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4381.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4381.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4381","reference_id":"","reference_type":"","scores":[{"value":"0.18441","scoring_system":"epss","scoring_elements":"0.95348","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4381"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=253488","reference_id":"253488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=253488"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/30502.txt","reference_id":"CVE-2007-4381;OSVDB-37766","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/30502.txt"},{"reference_url":"https://www.securityfocus.com/bid/25340/info","reference_id":"CVE-2007-4381;OSVDB-37766","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/25340/info"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1086","reference_id":"RHSA-2007:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0100","reference_id":"RHSA-2008:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0132","reference_id":"RHSA-2008:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0132"}],"fixed_packages":[],"aliases":["CVE-2007-4381"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zu4-fbzz-cfc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76160?format=json","vulnerability_id":"VCID-8fhp-evkj-4yfd","summary":"javaws vulnerabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2435.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2435","reference_id":"","reference_type":"","scores":[{"value":"0.04707","scoring_system":"epss","scoring_elements":"0.89535","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2435"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239660","reference_id":"239660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239660"},{"reference_url":"https://security.gentoo.org/glsa/200705-23","reference_id":"GLSA-200705-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-23"},{"reference_url":"https://security.gentoo.org/glsa/200706-08","reference_id":"GLSA-200706-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-08"},{"reference_url":"https://security.gentoo.org/glsa/200804-20","reference_id":"GLSA-200804-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0817","reference_id":"RHSA-2007:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"}],"fixed_packages":[],"aliases":["CVE-2007-2435"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fhp-evkj-4yfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76133?format=json","vulnerability_id":"VCID-awgs-xg7z-2kc2","summary":"BMP image parser vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2789.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2789","reference_id":"","reference_type":"","scores":[{"value":"0.05079","scoring_system":"epss","scoring_elements":"0.8994","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=250729","reference_id":"250729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=250729"},{"reference_url":"https://security.gentoo.org/glsa/200705-23","reference_id":"GLSA-200705-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-23"},{"reference_url":"https://security.gentoo.org/glsa/200706-08","reference_id":"GLSA-200706-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-08"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://security.gentoo.org/glsa/200804-20","reference_id":"GLSA-200804-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0817","reference_id":"RHSA-2007:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1086","reference_id":"RHSA-2007:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0100","reference_id":"RHSA-2008:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0100"}],"fixed_packages":[],"aliases":["CVE-2007-2789"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awgs-xg7z-2kc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76079?format=json","vulnerability_id":"VCID-bca5-gvfs-s3gs","summary":"A buffer overflow vulnerability in Java Web Start URL parsing code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3655.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3655","reference_id":"","reference_type":"","scores":[{"value":"0.62246","scoring_system":"epss","scoring_elements":"0.98379","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3655"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248864","reference_id":"248864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248864"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4168.vbs","reference_id":"CVE-2007-3655","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4168.vbs"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30284.vbs","reference_id":"CVE-2007-3655;OSVDB-37756","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30284.vbs"},{"reference_url":"https://www.securityfocus.com/bid/24832/info","reference_id":"CVE-2007-3655;OSVDB-37756","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24832/info"},{"reference_url":"https://security.gentoo.org/glsa/200804-20","reference_id":"GLSA-200804-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"}],"fixed_packages":[],"aliases":["CVE-2007-3655"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bca5-gvfs-s3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76092?format=json","vulnerability_id":"VCID-gcfm-cs2p-s3d8","summary":"HTML files generated with Javadoc are vulnerable to a XSS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3503","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77903","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3503"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=246765","reference_id":"246765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=246765"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"}],"fixed_packages":[],"aliases":["CVE-2007-3503"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcfm-cs2p-s3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76132?format=json","vulnerability_id":"VCID-ge47-qsk3-13gk","summary":"Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2788.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2788","reference_id":"","reference_type":"","scores":[{"value":"0.51086","scoring_system":"epss","scoring_elements":"0.97919","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=250725","reference_id":"250725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=250725"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30043.txt","reference_id":"CVE-2007-2788;OSVDB-36199","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30043.txt"},{"reference_url":"https://www.securityfocus.com/bid/24004/info","reference_id":"CVE-2007-2788;OSVDB-36199","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24004/info"},{"reference_url":"https://security.gentoo.org/glsa/200705-23","reference_id":"GLSA-200705-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-23"},{"reference_url":"https://security.gentoo.org/glsa/200706-08","reference_id":"GLSA-200706-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-08"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://security.gentoo.org/glsa/200804-20","reference_id":"GLSA-200804-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0817","reference_id":"RHSA-2007:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1086","reference_id":"RHSA-2007:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0100","reference_id":"RHSA-2008:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0100"}],"fixed_packages":[],"aliases":["CVE-2007-2788"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge47-qsk3-13gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76073?format=json","vulnerability_id":"VCID-nfec-m61t-v7b8","summary":"Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3922.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3922","reference_id":"","reference_type":"","scores":[{"value":"0.05048","scoring_system":"epss","scoring_elements":"0.89914","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3922"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=249533","reference_id":"249533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=249533"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0133","reference_id":"RHSA-2008:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0133"}],"fixed_packages":[],"aliases":["CVE-2007-3922"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfec-m61t-v7b8"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.2%3Farch=el4"}