Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/eap7-undertow@2.2.9-2.SP1_redhat_00001.1?arch=el8eap
Type rpm
Namespace redhat
Name eap7-undertow
Version 2.2.9-2.SP1_redhat_00001.1
Qualifiers
arch el8eap
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-14ff-vn3t-vyhy
vulnerability_id VCID-14ff-vn3t-vyhy
summary
Undertow vulnerable to memory exhaustion due to buffer leak
Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3690.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3690
2
reference_url https://access.redhat.com/security/cve/cve-2021-3690#cve-cvss-v3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-3690#cve-cvss-v3
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3690
reference_id
reference_type
scores
0
value 0.00278
scoring_system epss
scoring_elements 0.51141
published_at 2026-04-07T12:55:00Z
1
value 0.00278
scoring_system epss
scoring_elements 0.51223
published_at 2026-04-21T12:55:00Z
2
value 0.00278
scoring_system epss
scoring_elements 0.51246
published_at 2026-04-18T12:55:00Z
3
value 0.00278
scoring_system epss
scoring_elements 0.51239
published_at 2026-04-16T12:55:00Z
4
value 0.00278
scoring_system epss
scoring_elements 0.512
published_at 2026-04-13T12:55:00Z
5
value 0.00278
scoring_system epss
scoring_elements 0.51195
published_at 2026-04-08T12:55:00Z
6
value 0.00278
scoring_system epss
scoring_elements 0.51106
published_at 2026-04-01T12:55:00Z
7
value 0.00278
scoring_system epss
scoring_elements 0.51159
published_at 2026-04-02T12:55:00Z
8
value 0.00278
scoring_system epss
scoring_elements 0.51183
published_at 2026-04-04T12:55:00Z
9
value 0.00278
scoring_system epss
scoring_elements 0.51214
published_at 2026-04-12T12:55:00Z
10
value 0.00278
scoring_system epss
scoring_elements 0.51236
published_at 2026-04-11T12:55:00Z
11
value 0.00278
scoring_system epss
scoring_elements 0.51192
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3690
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1991299
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1991299
5
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
6
reference_url https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877
7
reference_url https://issues.redhat.com/browse/UNDERTOW-1935
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-1935
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3690
9
reference_url https://www.mend.io/vulnerability-database/CVE-2021-3690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mend.io/vulnerability-database/CVE-2021-3690
10
reference_url https://github.com/advisories/GHSA-fj7c-vg2v-ccrm
reference_id GHSA-fj7c-vg2v-ccrm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fj7c-vg2v-ccrm
11
reference_url https://access.redhat.com/errata/RHSA-2021:3216
reference_id RHSA-2021:3216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3216
12
reference_url https://access.redhat.com/errata/RHSA-2021:3217
reference_id RHSA-2021:3217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3217
13
reference_url https://access.redhat.com/errata/RHSA-2021:3218
reference_id RHSA-2021:3218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3218
14
reference_url https://access.redhat.com/errata/RHSA-2021:3219
reference_id RHSA-2021:3219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3219
15
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
16
reference_url https://access.redhat.com/errata/RHSA-2021:3466
reference_id RHSA-2021:3466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3466
17
reference_url https://access.redhat.com/errata/RHSA-2021:3467
reference_id RHSA-2021:3467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3467
18
reference_url https://access.redhat.com/errata/RHSA-2021:3468
reference_id RHSA-2021:3468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3468
19
reference_url https://access.redhat.com/errata/RHSA-2021:3471
reference_id RHSA-2021:3471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3471
20
reference_url https://access.redhat.com/errata/RHSA-2021:3516
reference_id RHSA-2021:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3516
21
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
22
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
23
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
24
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
25
reference_url https://access.redhat.com/errata/RHSA-2021:4767
reference_id RHSA-2021:4767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4767
26
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
27
reference_url https://access.redhat.com/errata/RHSA-2022:1029
reference_id RHSA-2022:1029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1029
fixed_packages
aliases CVE-2021-3690, GHSA-fj7c-vg2v-ccrm, GMS-2022-2964
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14ff-vn3t-vyhy
1
url VCID-gsr8-1dea-effx
vulnerability_id VCID-gsr8-1dea-effx
summary
undertow Race Condition vulnerability
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3597
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38118
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38269
published_at 2026-04-04T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38138
published_at 2026-04-07T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38188
published_at 2026-04-08T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38196
published_at 2026-04-09T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38215
published_at 2026-04-11T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38179
published_at 2026-04-12T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38155
published_at 2026-04-13T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38201
published_at 2026-04-16T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38183
published_at 2026-04-18T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38066
published_at 2026-04-01T12:55:00Z
11
value 0.00169
scoring_system epss
scoring_elements 0.38246
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3597
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1970930
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1970930
3
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3597
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3597
5
reference_url https://security.netapp.com/advisory/ntap-20220804-0003
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220804-0003
6
reference_url https://security.netapp.com/advisory/ntap-20220804-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220804-0003/
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989861
reference_id 989861
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989861
8
reference_url https://github.com/advisories/GHSA-mfhv-gwf8-4m88
reference_id GHSA-mfhv-gwf8-4m88
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mfhv-gwf8-4m88
9
reference_url https://access.redhat.com/errata/RHSA-2021:3466
reference_id RHSA-2021:3466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3466
10
reference_url https://access.redhat.com/errata/RHSA-2021:3467
reference_id RHSA-2021:3467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3467
11
reference_url https://access.redhat.com/errata/RHSA-2021:3468
reference_id RHSA-2021:3468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3468
12
reference_url https://access.redhat.com/errata/RHSA-2021:3471
reference_id RHSA-2021:3471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3471
13
reference_url https://access.redhat.com/errata/RHSA-2021:3516
reference_id RHSA-2021:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3516
14
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
15
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
16
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
17
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
18
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
19
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
fixed_packages
aliases CVE-2021-3597, GHSA-mfhv-gwf8-4m88
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsr8-1dea-effx
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.9-2.SP1_redhat_00001.1%3Farch=el8eap