{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85763?format=json","vulnerability_id":"VCID-p3sm-pnch-cffu","summary":"JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)","aliases":[{"alias":"CVE-2015-0138"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118248?format=json","purl":"pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.10-1jpp.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.10-1jpp.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/118244?format=json","purl":"pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.10-1jpp.1?arch=el6_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.10-1jpp.1%3Farch=el6_6"},{"url":"http://public2.vulnerablecode.io/api/packages/118243?format=json","purl":"pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.16.4-1jpp.1?arch=el6_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-ubqp-f2qp-5qcn"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.16.4-1jpp.1%3Farch=el6_6"},{"url":"http://public2.vulnerablecode.io/api/packages/118247?format=json","purl":"pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.16.4-1jpp.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-ubqp-f2qp-5qcn"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.16.4-1jpp.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/118242?format=json","purl":"pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.9.0-1jpp.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-ubqp-f2qp-5qcn"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.9.0-1jpp.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/118246?format=json","purl":"pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.3.0-1jpp.2?arch=ael7b_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-ubqp-f2qp-5qcn"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.3.0-1jpp.2%3Farch=ael7b_1"},{"url":"http://public2.vulnerablecode.io/api/packages/118245?format=json","purl":"pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.3.0-1jpp.2?arch=el6_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2us8-szqx-zbhw"},{"vulnerability":"VCID-5zv6-dgtu-h3e4"},{"vulnerability":"VCID-8434-zswd-mfbt"},{"vulnerability":"VCID-bbfs-fg29-vkhx"},{"vulnerability":"VCID-bdjz-rqmx-83gz"},{"vulnerability":"VCID-ey6a-ffm9-4yhs"},{"vulnerability":"VCID-f72j-41w3-1be1"},{"vulnerability":"VCID-f7yp-6qxq-g3c3"},{"vulnerability":"VCID-p3sm-pnch-cffu"},{"vulnerability":"VCID-q7vq-c2wa-33d8"},{"vulnerability":"VCID-rzqe-8qgr-7fet"},{"vulnerability":"VCID-ubqp-f2qp-5qcn"},{"vulnerability":"VCID-w2ja-cauk-8ke2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.3.0-1jpp.2%3Farch=el6_6"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0138.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0138","reference_id":"","reference_type":"","scores":[{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.7591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75924","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75957","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.7597","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75964","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76006","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.75991","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76029","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76051","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.7606","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76088","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76111","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76098","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76162","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00921","scoring_system":"epss","scoring_elements":"0.76176","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1219223","reference_id":"1219223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1219223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1006","reference_id":"RHSA-2015:1006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1007","reference_id":"RHSA-2015:1007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1020","reference_id":"RHSA-2015:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1021","reference_id":"RHSA-2015:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1091","reference_id":"RHSA-2015:1091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1091"}],"weaknesses":[{"cwe_id":327,"name":"Use of a Broken or Risky Cryptographic Algorithm","description":"The product uses a broken or risky cryptographic algorithm or protocol."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3sm-pnch-cffu"}