VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2016-2035.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2016-2036.html
cvssv3	3.7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7940.json
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
epss	0.01124	https://api.first.org/data/v1/epss?cve=CVE-2015-7940
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-4mv7-cq75-3qjm
generic_textual	MODERATE	https://github.com/advisories/GHSA-4mv7-cq75-3qjm
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2015-7940
generic_textual	MODERATE	https://usn.ubuntu.com/3727-1
generic_textual	MODERATE	https://www.oracle.com/security-alerts/cpuapr2020.html
generic_textual	MODERATE	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
generic_textual	MODERATE	http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
generic_textual	MODERATE	http://www.debian.org/security/2015/dsa-3417
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2015/10/22/7
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2015/10/22/9
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	MODERATE	http://www.securityfocus.com/bid/79091
generic_textual	MODERATE	http://www.securitytracker.com/id/1037036
generic_textual	MODERATE	http://www.securitytracker.com/id/1037046
generic_textual	MODERATE	http://www.securitytracker.com/id/1037053

System

Score

Found at

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html

generic_textual

MODERATE

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2016-2035.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2016-2036.html

cvssv3

3.7

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7940.json

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

epss

0.01124

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-4mv7-cq75-3qjm

generic_textual

MODERATE

https://github.com/advisories/GHSA-4mv7-cq75-3qjm

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2015-7940

generic_textual

MODERATE

https://usn.ubuntu.com/3727-1

generic_textual

MODERATE

https://www.oracle.com/security-alerts/cpuapr2020.html

generic_textual

MODERATE

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

generic_textual

MODERATE

http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

generic_textual

MODERATE

http://www.debian.org/security/2015/dsa-3417

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2015/10/22/7

generic_textual

MODERATE

http://www.openwall.com/lists/oss-security/2015/10/22/9

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

generic_textual

MODERATE

http://www.securityfocus.com/bid/79091

generic_textual

MODERATE

http://www.securitytracker.com/id/1037036

generic_textual

MODERATE

http://www.securitytracker.com/id/1037046

generic_textual

MODERATE

http://www.securitytracker.com/id/1037053

Reference id

Reference type

URL

http://git.bouncycastle.org/repositories/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83

http://git.bouncycastle.org/repositories/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html

http://rhn.redhat.com/errata/RHSA-2016-2035.html

http://rhn.redhat.com/errata/RHSA-2016-2036.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7940.json

https://api.first.org/data/v1/epss?cve=CVE-2015-7940

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940

https://github.com/advisories/GHSA-4mv7-cq75-3qjm

https://nvd.nist.gov/vuln/detail/CVE-2015-7940

https://usn.ubuntu.com/3727-1

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

http://www.debian.org/security/2015/dsa-3417

http://www.openwall.com/lists/oss-security/2015/10/22/7

http://www.openwall.com/lists/oss-security/2015/10/22/9

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.securityfocus.com/bid/79091

http://www.securitytracker.com/id/1037036

http://www.securitytracker.com/id/1037046

http://www.securitytracker.com/id/1037053

1276272

https://bugzilla.redhat.com/show_bug.cgi?id=1276272

802671

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671

RHSA-2016:2035

https://access.redhat.com/errata/RHSA-2016:2035

RHSA-2016:2036

https://access.redhat.com/errata/RHSA-2016:2036

USN-3727-1

https://usn.ubuntu.com/3727-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T07:58:41.039909+00:00	ProjectKB MSRImporter	Import	https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv	37.0.0

2025-07-31T07:58:41.039909+00:00

ProjectKB MSRImporter

Import

https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv

37.0.0

Vulnerability ID	VCID-uk6y-7hfb-33aa
Aliases	CVE-2015-7940 GHSA-4mv7-cq75-3qjm
Summary
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-310	Cryptographic Issues
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-358	Improperly Implemented Security Check for Standard

Percentile	0.77356
EPSS Score	0.01124
Published At	July 31, 2025, 12:55 p.m.