exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2015-0226

больше 8 лет назад

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-0226

почти 11 лет назад

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.

CVSS2: 7.8

EPSS: Низкий

CVE-2015-0226

больше 8 лет назад

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-0226

больше 8 лет назад

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks inf ...

CVSS3: 7.5

EPSS: Низкий

GHSA-vjwc-5hfh-2vv5

больше 3 лет назад

Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-0226 Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.	CVSS3: 7.5	5% Низкий	больше 8 лет назад
CVE-2015-0226 Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.	CVSS2: 7.8	5% Низкий	почти 11 лет назад
CVE-2015-0226 Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.	CVSS3: 7.5	5% Низкий	больше 8 лет назад
CVE-2015-0226 Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks inf ...	CVSS3: 7.5	5% Низкий	больше 8 лет назад
GHSA-vjwc-5hfh-2vv5 Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J	CVSS3: 7.5	5% Низкий	больше 3 лет назад

Уязвимостей на страницу