[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-0254":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":21,"downstream":22,"duplicates":49,"related":50,"reserved_at":9,"published_at":54,"modified_at":55,"state":56,"summary":57,"references_raw":66,"kevs":208,"epss":209,"epss_history":212,"metrics":461,"affected":466},"CVE-2015-0254","Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) \u003Cx:parse> or (2) \u003Cx:transform> JSTL XML tag.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[],[20],"GHSA-6x4w-8w53-xrvv",[],[23,25,27,29,31,33,35,37,39,41,43,45,47],{"_key":24},"RHSA-2015:1695",{"_key":26},"RHSA-2016:0121",{"_key":28},"RHSA-2016:0122",{"_key":30},"RHSA-2016:0123",{"_key":32},"RHSA-2016:0124",{"_key":34},"SUSE-SU-2017:1568-1",{"_key":36},"SUSE-SU-2017:1701-1",{"_key":38},"UBUNTU-CVE-2015-0254",{"_key":40},"USN-2551-1",{"_key":42},"RHSA-2016:1838",{"_key":44},"RHSA-2016:1839",{"_key":46},"RHSA-2016:1840",{"_key":48},"MGASA-2015-0140",[],[51,52,53],{"_key":34},{"_key":36},{"_key":48},"2015-03-09T14:00:00.000Z","2024-08-06T04:03:10.466Z","Modified",{"cisa_kev":58,"cisa_ransomware":58,"cisa_vendor":9,"epss_severity":59,"epss_score":60,"severity":61,"severity_score":62,"severity_version":63,"severity_source":64,"severity_vector":65,"severity_status":56},false,"low",0.03808,"high",7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[67,77,82,86,92,96,101,105,109,114,120,124,129,133,137,141,145,150,155,159,163,167,171,175,180,184,188,192,196,200,204],{"url":68,"sources":69,"tags":72},"http://www.ubuntu.com/usn/USN-2551-1",[70,64,71],"cve.org","osv_maven",[73,74,75,76],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory","WEB",{"url":78,"sources":79,"tags":80},"https://access.redhat.com/errata/RHSA-2016:1376",[70,64,71],[73,81,76],"X Refsource REDHAT",{"url":83,"sources":84,"tags":85},"http://rhn.redhat.com/errata/RHSA-2016-1841.html",[70,64,71],[73,81,76],{"url":87,"sources":88,"tags":89},"http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E",[70,64,71],[90,91,73,76],"Mailing List","X Refsource MLIST",{"url":93,"sources":94,"tags":95},"http://rhn.redhat.com/errata/RHSA-2016-1838.html",[70,64,71],[73,81,76],{"url":97,"sources":98,"tags":99},"http://www.securityfocus.com/archive/1/534772/100/0/threaded",[70,64,71],[90,100,76],"X Refsource BUGTRAQ",{"url":102,"sources":103,"tags":104},"http://rhn.redhat.com/errata/RHSA-2015-1695.html",[70,64,71],[73,81,76],{"url":106,"sources":107,"tags":108},"http://rhn.redhat.com/errata/RHSA-2016-1839.html",[70,64,71],[73,81,76],{"url":110,"sources":111,"tags":112},"http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html",[70,64,71],[73,113,76],"X Refsource SUSE",{"url":115,"sources":116,"tags":117},"http://www.securityfocus.com/bid/72809",[70,64,71],[118,119,75,76],"VDB Entry","X Refsource BID",{"url":121,"sources":122,"tags":123},"http://rhn.redhat.com/errata/RHSA-2016-1840.html",[70,64,71],[73,81,76],{"url":125,"sources":126,"tags":127},"http://www.securitytracker.com/id/1034934",[70,64,71],[118,128,76],"X Refsource SECTRACK",{"url":130,"sources":131,"tags":132},"https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914%40%3Cdev.tomcat.apache.org%3E",[70,64],[90,91],{"url":134,"sources":135,"tags":136},"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",[70,64],[90,91],{"url":138,"sources":139,"tags":140},"https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d%40%3Cdev.tomcat.apache.org%3E",[70,64],[90,91],{"url":142,"sources":143,"tags":144},"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",[70,64],[90,91],{"url":146,"sources":147,"tags":148},"https://www.oracle.com/security-alerts/cpuapr2020.html",[70,64,71],[149,76],"X Refsource MISC",{"url":151,"sources":152,"tags":153},"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",[70,64,71],[154,76],"X Refsource CONFIRM",{"url":156,"sources":157,"tags":158},"https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38%40%3Cpluto-dev.portals.apache.org%3E",[70,64],[90,91],{"url":160,"sources":161,"tags":162},"https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077%40%3Cpluto-scm.portals.apache.org%3E",[70,64],[90,91],{"url":164,"sources":165,"tags":166},"https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f%40%3Cpluto-dev.portals.apache.org%3E",[70,64],[90,91],{"url":168,"sources":169,"tags":170},"https://www.oracle.com//security-alerts/cpujul2021.html",[70,64],[149],{"url":172,"sources":173,"tags":174},"http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html",[70,64,71],[149,75,118,76],{"url":176,"sources":177,"tags":178},"https://nvd.nist.gov/vuln/detail/CVE-2015-0254",[71],[179],"Advisory",{"url":181,"sources":182,"tags":183},"https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914@%3Cdev.tomcat.apache.org%3E",[71],[76],{"url":185,"sources":186,"tags":187},"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E",[71],[76],{"url":189,"sources":190,"tags":191},"https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f@%3Cpluto-dev.portals.apache.org%3E",[71],[76],{"url":193,"sources":194,"tags":195},"https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38@%3Cpluto-dev.portals.apache.org%3E",[71],[76],{"url":197,"sources":198,"tags":199},"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E",[71],[76],{"url":201,"sources":202,"tags":203},"https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077@%3Cpluto-scm.portals.apache.org%3E",[71],[76],{"url":205,"sources":206,"tags":207},"https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d@%3Cdev.tomcat.apache.org%3E",[71],[76],[],{"date":210,"score":60,"percentile":211},"2026-06-04",0.88307,[213,216,219,222,225,228,231,234,237,239,242,245,248,251,253,256,259,262,265,268,270,272,275,278,280,283,286,288,291,294,297,300,303,305,308,310,313,316,319,322,325,327,330,332,335,338,341,344,347,350,353,356,359,362,365,368,371,373,376,379,382,385,388,390,393,396,398,401,403,405,408,410,413,416,419,422,424,426,429,432,435,438,441,444,447,449,451,454,456,458],{"date":214,"score":60,"percentile":215},"2025-11-04",0.87604,{"date":217,"score":60,"percentile":218},"2025-11-05",0.87605,{"date":220,"score":60,"percentile":221},"2025-11-06",0.87592,{"date":223,"score":60,"percentile":224},"2025-11-07",0.87598,{"date":226,"score":60,"percentile":227},"2025-11-08",0.876,{"date":229,"score":60,"percentile":230},"2025-11-09",0.87596,{"date":232,"score":60,"percentile":233},"2025-11-10",0.87594,{"date":235,"score":60,"percentile":236},"2025-11-11",0.87599,{"date":238,"score":60,"percentile":218},"2025-11-12",{"date":240,"score":60,"percentile":241},"2025-11-13",0.8761,{"date":243,"score":60,"percentile":244},"2025-11-14",0.87613,{"date":246,"score":60,"percentile":247},"2025-11-15",0.87609,{"date":249,"score":60,"percentile":250},"2025-11-16",0.87615,{"date":252,"score":60,"percentile":241},"2025-11-17",{"date":254,"score":60,"percentile":255},"2025-11-18",0.86965,{"date":257,"score":60,"percentile":258},"2025-11-19",0.86966,{"date":260,"score":60,"percentile":261},"2025-11-20",0.86969,{"date":263,"score":60,"percentile":264},"2025-11-21",0.87623,{"date":266,"score":60,"percentile":267},"2025-11-22",0.87619,{"date":269,"score":60,"percentile":250},"2025-11-23",{"date":271,"score":60,"percentile":250},"2025-11-24",{"date":273,"score":60,"percentile":274},"2025-11-25",0.87617,{"date":276,"score":60,"percentile":277},"2025-11-26",0.87616,{"date":279,"score":60,"percentile":274},"2025-11-27",{"date":281,"score":60,"percentile":282},"2025-11-28",0.87603,{"date":284,"score":60,"percentile":285},"2025-11-29",0.87677,{"date":287,"score":60,"percentile":285},"2025-11-30",{"date":289,"score":60,"percentile":290},"2025-12-01",0.8774,{"date":292,"score":60,"percentile":293},"2025-12-02",0.87742,{"date":295,"score":60,"percentile":296},"2025-12-03",0.87741,{"date":298,"score":60,"percentile":299},"2025-12-04",0.87675,{"date":301,"score":60,"percentile":302},"2025-12-05",0.87679,{"date":304,"score":60,"percentile":285},"2025-12-06",{"date":306,"score":60,"percentile":307},"2025-12-07",0.87674,{"date":309,"score":60,"percentile":299},"2025-12-08",{"date":311,"score":60,"percentile":312},"2025-12-09",0.87688,{"date":314,"score":60,"percentile":315},"2025-12-10",0.87703,{"date":317,"score":60,"percentile":318},"2025-12-11",0.87708,{"date":320,"score":60,"percentile":321},"2025-12-12",0.87712,{"date":323,"score":60,"percentile":324},"2025-12-13",0.87713,{"date":326,"score":60,"percentile":318},"2025-12-14",{"date":328,"score":60,"percentile":329},"2025-12-15",0.87706,{"date":331,"score":60,"percentile":321},"2025-12-16",{"date":333,"score":60,"percentile":334},"2025-12-17",0.87715,{"date":336,"score":60,"percentile":337},"2025-12-18",0.87723,{"date":339,"score":60,"percentile":340},"2025-12-19",0.87725,{"date":342,"score":60,"percentile":343},"2025-12-20",0.87724,{"date":345,"score":60,"percentile":346},"2025-12-21",0.87729,{"date":348,"score":60,"percentile":349},"2025-12-22",0.8773,{"date":351,"score":60,"percentile":352},"2025-12-23",0.87735,{"date":354,"score":60,"percentile":355},"2025-12-24",0.87739,{"date":357,"score":60,"percentile":358},"2025-12-25",0.87752,{"date":360,"score":60,"percentile":361},"2025-12-26",0.8775,{"date":363,"score":60,"percentile":364},"2025-12-27",0.87786,{"date":366,"score":60,"percentile":367},"2025-12-28",0.87738,{"date":369,"score":60,"percentile":370},"2025-12-29",0.87732,{"date":372,"score":60,"percentile":293},"2025-12-30",{"date":374,"score":60,"percentile":375},"2025-12-31",0.87754,{"date":377,"score":60,"percentile":378},"2026-01-01",0.87812,{"date":380,"score":60,"percentile":381},"2026-01-02",0.87808,{"date":383,"score":60,"percentile":384},"2026-01-03",0.87807,{"date":386,"score":60,"percentile":387},"2026-01-04",0.87745,{"date":389,"score":60,"percentile":296},"2026-01-05",{"date":391,"score":60,"percentile":392},"2026-01-06",0.87744,{"date":394,"score":60,"percentile":395},"2026-01-07",0.87746,{"date":397,"score":60,"percentile":358},"2026-01-08",{"date":399,"score":60,"percentile":400},"2026-01-09",0.87753,{"date":402,"score":60,"percentile":400},"2026-01-10",{"date":404,"score":60,"percentile":395},"2026-01-11",{"date":406,"score":60,"percentile":407},"2026-01-12",0.87743,{"date":409,"score":60,"percentile":293},"2026-01-13",{"date":411,"score":60,"percentile":412},"2026-01-14",0.87755,{"date":414,"score":60,"percentile":415},"2026-01-15",0.87756,{"date":417,"score":60,"percentile":418},"2026-01-16",0.87761,{"date":420,"score":60,"percentile":421},"2026-01-17",0.87763,{"date":423,"score":60,"percentile":421},"2026-01-18",{"date":425,"score":60,"percentile":418},"2026-01-19",{"date":427,"score":60,"percentile":428},"2026-01-20",0.8776,{"date":430,"score":60,"percentile":431},"2026-01-21",0.87764,{"date":433,"score":60,"percentile":434},"2026-01-22",0.87769,{"date":436,"score":60,"percentile":437},"2026-01-23",0.87781,{"date":439,"score":60,"percentile":440},"2026-01-24",0.87787,{"date":442,"score":60,"percentile":443},"2026-01-25",0.87783,{"date":445,"score":60,"percentile":446},"2026-01-26",0.87782,{"date":448,"score":60,"percentile":443},"2026-01-27",{"date":450,"score":60,"percentile":364},"2026-01-28",{"date":452,"score":60,"percentile":453},"2026-01-29",0.87792,{"date":455,"score":60,"percentile":453},"2026-01-30",{"date":457,"score":60,"percentile":440},"2026-01-31",{"date":459,"score":60,"percentile":460},"2026-02-01",0.87856,[462],{"source":64,"cvss_v2_0":463,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":62,"baseSeverity":9,"vectorString":65,"impactScore":464,"exploitabilityScore":465},6.4,10,[467,479,489,501],{"ecosystem":9,"name":468,"vendor":469,"product":470,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"standard taglibs","apache","standard_taglibs","a",[473],{"version":474,"is_range":475,"range_type":476,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":478,"fixed_in":9},"lte1.2.1",true,"cpe","1.2.1","including",{"ecosystem":9,"name":480,"vendor":481,"product":482,"cpe_part":483,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":484},"ubuntu linux","canonical","ubuntu_linux","o",[485,487],{"version":486,"is_range":58,"range_type":476,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":488,"is_range":58,"range_type":476,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.10",{"ecosystem":490,"name":491,"vendor":492,"product":493,"cpe_part":9,"purl_type":494,"purl_namespace":492,"purl_name":493,"source":9,"versions":495},"Maven","org.apache.taglibs:taglibs-standard","org.apache.taglibs","taglibs-standard","maven",[496],{"version":497,"is_range":475,"range_type":498,"version_start":9,"version_start_type":9,"version_end":499,"version_end_type":500,"fixed_in":9},"lt1_2_3","ecosystem","1.2.3","excluding",{"ecosystem":490,"name":502,"vendor":492,"product":503,"cpe_part":9,"purl_type":494,"purl_namespace":492,"purl_name":503,"source":9,"versions":504},"org.apache.taglibs:taglibs-standard-impl","taglibs-standard-impl",[505],{"version":497,"is_range":475,"range_type":498,"version_start":9,"version_start_type":9,"version_end":499,"version_end_type":500,"fixed_in":9}]