Wss4j:wss4j
This hub aggregates every CVE we track for Wss4j:wss4j, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Wss4j:wss4j.
- CVE-2011-2487The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.5.9
- CVE-2015-0227Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."5.0
Product normalization is registry-driven with AI assist and human review. How it works