{"url":"http://public2.vulnerablecode.io/api/packages/368655?format=json","purl":"pkg:rpm/redhat/jboss-aop@1.5.5-3.CP05.2.ep1.1?arch=el5","type":"rpm","namespace":"redhat","name":"jboss-aop","version":"1.5.5-3.CP05.2.ep1.1","qualifiers":{"arch":"el5"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87360?format=json","vulnerability_id":"VCID-3w5z-cxvc-23es","summary":"The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0738.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0738","reference_id":"","reference_type":"","scores":[{"value":"0.92431","scoring_system":"epss","scoring_elements":"0.99746","published_at":"2026-06-11T12:55:00Z"},{"value":"0.92431","scoring_system":"epss","scoring_elements":"0.99747","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0738"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0992","reference_id":"0992","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0992"},{"reference_url":"http://secunia.com/advisories/39563","reference_id":"39563","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://secunia.com/advisories/39563"},{"reference_url":"http://www.securityfocus.com/bid/39710","reference_id":"39710","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://www.securityfocus.com/bid/39710"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58147","reference_id":"58147","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58147"},{"reference_url":"http://securityreason.com/securityalert/8408","reference_id":"8408","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://securityreason.com/securityalert/8408"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/16274.pl","reference_id":"CVE-2010-0738","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/16274.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16316.rb","reference_id":"CVE-2010-0738","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16316.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16319.rb","reference_id":"CVE-2010-0738","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16319.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/17924.pl","reference_id":"CVE-2010-0738;OSVDB-64171","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/17924.pl"},{"reference_url":"http://securitytracker.com/id?1023918","reference_id":"id?1023918","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://securitytracker.com/id?1023918"},{"reference_url":"http://marc.info/?l=bugtraq&m=132129312609324&w=2","reference_id":"?l=bugtraq&m=132129312609324&w=2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=132129312609324&w=2"},{"reference_url":"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35","reference_id":"NVD_Detail_Rpt.aspx?ID=35","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0376","reference_id":"RHSA-2010:0376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0376"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0376.html","reference_id":"RHSA-2010-0376.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0376.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0377","reference_id":"RHSA-2010:0377","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0377"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0377.html","reference_id":"RHSA-2010-0377.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0377.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0378","reference_id":"RHSA-2010:0378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0378"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0378.html","reference_id":"RHSA-2010-0378.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0378.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0379","reference_id":"RHSA-2010:0379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0379"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0379.html","reference_id":"RHSA-2010-0379.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0379.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=574105","reference_id":"show_bug.cgi?id=574105","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=574105"}],"fixed_packages":[],"aliases":["CVE-2010-0738"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3w5z-cxvc-23es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87325?format=json","vulnerability_id":"VCID-agk1-rn4r-j3d8","summary":"The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1428.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1428.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1428","reference_id":"","reference_type":"","scores":[{"value":"0.67611","scoring_system":"epss","scoring_elements":"0.98603","published_at":"2026-06-12T12:55:00Z"},{"value":"0.67611","scoring_system":"epss","scoring_elements":"0.98598","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1428"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0992","reference_id":"0992","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0992"},{"reference_url":"http://secunia.com/advisories/39563","reference_id":"39563","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"http://secunia.com/advisories/39563"},{"reference_url":"http://www.securityfocus.com/bid/39710","reference_id":"39710","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"http://www.securityfocus.com/bid/39710"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58148","reference_id":"58148","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58148"},{"reference_url":"http://securitytracker.com/id?1023917","reference_id":"id?1023917","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"http://securitytracker.com/id?1023917"},{"reference_url":"http://marc.info/?l=bugtraq&m=132698550418872&w=2","reference_id":"?l=bugtraq&m=132698550418872&w=2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"http://marc.info/?l=bugtraq&m=132698550418872&w=2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0376","reference_id":"RHSA-2010:0376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0376"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0376.html","reference_id":"RHSA-2010-0376.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0376.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0377","reference_id":"RHSA-2010:0377","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0377"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0377.html","reference_id":"RHSA-2010-0377.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0377.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0378","reference_id":"RHSA-2010:0378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0378"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0378.html","reference_id":"RHSA-2010-0378.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0378.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0379","reference_id":"RHSA-2010:0379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0379"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2010-0379.html","reference_id":"RHSA-2010-0379.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://rhn.redhat.com/errata/RHSA-2010-0379.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=585899","reference_id":"show_bug.cgi?id=585899","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:23:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=585899"}],"fixed_packages":[],"aliases":["CVE-2010-1428"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-agk1-rn4r-j3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/256293?format=json","vulnerability_id":"VCID-takq-msst-6uhz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1429.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1429","reference_id":"","reference_type":"","scores":[{"value":"0.27359","scoring_system":"epss","scoring_elements":"0.96525","published_at":"2026-06-11T12:55:00Z"},{"value":"0.27359","scoring_system":"epss","scoring_elements":"0.96535","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1429"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=585900","reference_id":"585900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=585900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0376","reference_id":"RHSA-2010:0376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0377","reference_id":"RHSA-2010:0377","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0378","reference_id":"RHSA-2010:0378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0379","reference_id":"RHSA-2010:0379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0379"}],"fixed_packages":[],"aliases":["CVE-2010-1429"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-takq-msst-6uhz"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-aop@1.5.5-3.CP05.2.ep1.1%3Farch=el5"}