Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-wildfly@7.4.1-2.GA_redhat_00003.1?arch=el8eap
Typerpm
Namespaceredhat
Nameeap7-wildfly
Version7.4.1-2.GA_redhat_00003.1
Qualifiers
arch el8eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-ft9p-n5ew-abbf
vulnerability_id VCID-ft9p-n5ew-abbf
summary 
Cross-site Scripting in Wildfly
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3536.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3536.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3536
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.51854
published_at 2026-04-21T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.5186
published_at 2026-04-11T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.51839
published_at 2026-04-12T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51824
published_at 2026-04-13T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51866
published_at 2026-04-16T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51873
published_at 2026-04-18T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51721
published_at 2026-04-01T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.51771
published_at 2026-04-02T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51796
published_at 2026-04-04T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51757
published_at 2026-04-07T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51812
published_at 2026-04-08T12:55:00Z
11
value 0.00284
scoring_system epss
scoring_elements 0.51808
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3536
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1948001
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1948001
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3536
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3536
4
reference_url https://github.com/advisories/GHSA-v2wx-jj66-2hp7
reference_id GHSA-v2wx-jj66-2hp7
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v2wx-jj66-2hp7
5
reference_url https://access.redhat.com/errata/RHSA-2021:2692
reference_id RHSA-2021:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2692
6
reference_url https://access.redhat.com/errata/RHSA-2021:2693
reference_id RHSA-2021:2693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2693
7
reference_url https://access.redhat.com/errata/RHSA-2021:2694
reference_id RHSA-2021:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2694
8
reference_url https://access.redhat.com/errata/RHSA-2021:2696
reference_id RHSA-2021:2696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2696
9
reference_url https://access.redhat.com/errata/RHSA-2021:2755
reference_id RHSA-2021:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2755
10
reference_url https://access.redhat.com/errata/RHSA-2021:2965
reference_id RHSA-2021:2965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2965
11
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
12
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
13
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
14
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
fixed_packages
aliases CVE-2021-3536, GHSA-v2wx-jj66-2hp7
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft9p-n5ew-abbf
1
url VCID-ppap-96ds-9ygc
vulnerability_id VCID-ppap-96ds-9ygc
summary 
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vault
A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3644.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3644.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3644
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3644
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3644
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.6325
published_at 2026-04-11T12:55:00Z
1
value 0.0044
scoring_system epss
scoring_elements 0.63221
published_at 2026-04-21T12:55:00Z
2
value 0.0044
scoring_system epss
scoring_elements 0.63242
published_at 2026-04-18T12:55:00Z
3
value 0.0044
scoring_system epss
scoring_elements 0.63198
published_at 2026-04-13T12:55:00Z
4
value 0.0044
scoring_system epss
scoring_elements 0.63109
published_at 2026-04-01T12:55:00Z
5
value 0.0044
scoring_system epss
scoring_elements 0.63169
published_at 2026-04-02T12:55:00Z
6
value 0.0044
scoring_system epss
scoring_elements 0.63199
published_at 2026-04-04T12:55:00Z
7
value 0.0044
scoring_system epss
scoring_elements 0.63164
published_at 2026-04-07T12:55:00Z
8
value 0.0044
scoring_system epss
scoring_elements 0.63216
published_at 2026-04-08T12:55:00Z
9
value 0.0044
scoring_system epss
scoring_elements 0.63234
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3644
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1976052
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1976052
4
reference_url https://github.com/wildfly/wildfly-core
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core
5
reference_url https://github.com/wildfly/wildfly-core/commit/06dd9884f6ba50470b1fb5a35198a8784f037714
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/commit/06dd9884f6ba50470b1fb5a35198a8784f037714
6
reference_url https://github.com/wildfly/wildfly-core/commit/6d8db43cd43b5994b7a14003db978064e086090b
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/commit/6d8db43cd43b5994b7a14003db978064e086090b
7
reference_url https://github.com/wildfly/wildfly-core/pull/4668
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/pull/4668
8
reference_url https://issues.redhat.com/browse/WFCORE-5511
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/WFCORE-5511
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3644
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3644
10
reference_url https://github.com/advisories/GHSA-w88m-2936-rmxr
reference_id GHSA-w88m-2936-rmxr
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w88m-2936-rmxr
11
reference_url https://access.redhat.com/errata/RHSA-2021:3466
reference_id RHSA-2021:3466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3466
12
reference_url https://access.redhat.com/errata/RHSA-2021:3467
reference_id RHSA-2021:3467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3467
13
reference_url https://access.redhat.com/errata/RHSA-2021:3468
reference_id RHSA-2021:3468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3468
14
reference_url https://access.redhat.com/errata/RHSA-2021:3471
reference_id RHSA-2021:3471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3471
15
reference_url https://access.redhat.com/errata/RHSA-2021:3516
reference_id RHSA-2021:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3516
16
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
17
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
18
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
19
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
20
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
21
reference_url https://access.redhat.com/errata/RHSA-2022:5903
reference_id RHSA-2022:5903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5903
fixed_packages
aliases CVE-2021-3644, GHSA-w88m-2936-rmxr
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppap-96ds-9ygc
Fixing_vulnerabilities
Risk_score1.7
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.1-2.GA_redhat_00003.1%3Farch=el8eap