{"url":"http://public2.vulnerablecode.io/api/packages/319508?format=json","purl":"pkg:rpm/redhat/java-1.5.0-sun@1.5.0.12-1jpp.2?arch=el4","type":"rpm","namespace":"redhat","name":"java-1.5.0-sun","version":"1.5.0.12-1jpp.2","qualifiers":{"arch":"el4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76080?format=json","vulnerability_id":"VCID-81jk-4ppu-cyeg","summary":"Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3698.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3698","reference_id":"","reference_type":"","scores":[{"value":"0.19037","scoring_system":"epss","scoring_elements":"0.95438","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3698"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=249539","reference_id":"249539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=249539"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1086","reference_id":"RHSA-2007:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0100","reference_id":"RHSA-2008:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0132","reference_id":"RHSA-2008:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0132"}],"fixed_packages":[],"aliases":["CVE-2007-3698"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81jk-4ppu-cyeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76079?format=json","vulnerability_id":"VCID-bca5-gvfs-s3gs","summary":"A buffer overflow vulnerability in Java Web Start URL parsing code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3655.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3655","reference_id":"","reference_type":"","scores":[{"value":"0.62246","scoring_system":"epss","scoring_elements":"0.98379","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3655"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248864","reference_id":"248864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248864"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4168.vbs","reference_id":"CVE-2007-3655","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4168.vbs"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30284.vbs","reference_id":"CVE-2007-3655;OSVDB-37756","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/30284.vbs"},{"reference_url":"https://www.securityfocus.com/bid/24832/info","reference_id":"CVE-2007-3655;OSVDB-37756","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24832/info"},{"reference_url":"https://security.gentoo.org/glsa/200804-20","reference_id":"GLSA-200804-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"}],"fixed_packages":[],"aliases":["CVE-2007-3655"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bca5-gvfs-s3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76092?format=json","vulnerability_id":"VCID-gcfm-cs2p-s3d8","summary":"HTML files generated with Javadoc are vulnerable to a XSS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3503","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77903","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3503"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=246765","reference_id":"246765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=246765"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0956","reference_id":"RHSA-2007:0956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0956"}],"fixed_packages":[],"aliases":["CVE-2007-3503"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcfm-cs2p-s3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76073?format=json","vulnerability_id":"VCID-nfec-m61t-v7b8","summary":"Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3922.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3922","reference_id":"","reference_type":"","scores":[{"value":"0.05048","scoring_system":"epss","scoring_elements":"0.89914","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3922"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=249533","reference_id":"249533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=249533"},{"reference_url":"https://security.gentoo.org/glsa/200709-15","reference_id":"GLSA-200709-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0818","reference_id":"RHSA-2007:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0829","reference_id":"RHSA-2007:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0133","reference_id":"RHSA-2008:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0133"}],"fixed_packages":[],"aliases":["CVE-2007-3922"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfec-m61t-v7b8"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-sun@1.5.0.12-1jpp.2%3Farch=el4"}