Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/rh-sso7-keycloak@9.0.12-1.redhat_00001.1?arch=el7sso

Type rpm

Namespace redhat

Name rh-sso7-keycloak

Version 9.0.12-1.redhat_00001.1

Qualifiers

arch	el7sso

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-djwn-hkwg-g3gk

vulnerability_id

VCID-djwn-hkwg-g3gk

summary

keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14302

reference_id

reference_type

scores

value	0.00154
scoring_system	epss
scoring_elements	0.36059
published_at	2026-04-01T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36254
published_at	2026-04-02T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36287
published_at	2026-04-04T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36123
published_at	2026-04-07T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36172
published_at	2026-04-08T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.3619
published_at	2026-04-09T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36196
published_at	2026-04-11T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36159
published_at	2026-04-12T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36133
published_at	2026-04-13T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36175
published_at	2026-04-16T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.3616
published_at	2026-04-18T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36108
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14302

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849584
reference_id	1849584
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849584

reference_url	https://security.archlinux.org/ASA-202105-6
reference_id	ASA-202105-6
reference_type
scores
url	https://security.archlinux.org/ASA-202105-6

reference_url

https://security.archlinux.org/AVG-1926

reference_id

AVG-1926

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1926

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-14302
reference_id	CVE-2020-14302
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-14302

reference_url	https://access.redhat.com/errata/RHSA-2021:0967
reference_id	RHSA-2021:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0967

reference_url	https://access.redhat.com/errata/RHSA-2021:0968
reference_id	RHSA-2021:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0968

reference_url	https://access.redhat.com/errata/RHSA-2021:0969
reference_id	RHSA-2021:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0969

reference_url	https://access.redhat.com/errata/RHSA-2021:0974
reference_id	RHSA-2021:0974
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0974

fixed_packages

aliases

CVE-2020-14302

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-djwn-hkwg-g3gk

url

VCID-rvrc-5q4c-63bh

vulnerability_id

VCID-rvrc-5q4c-63bh

summary

Angular vulnerable to Cross-site Scripting
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping `<option>` elements in `<select>` ones changes parsing behavior, leading to possibly unsanitizing code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7676.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7676.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7676

reference_id

reference_type

scores

value	0.00563
scoring_system	epss
scoring_elements	0.68399
published_at	2026-04-21T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68421
published_at	2026-04-18T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68408
published_at	2026-04-16T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.6837
published_at	2026-04-13T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68403
published_at	2026-04-12T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68415
published_at	2026-04-11T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68388
published_at	2026-04-09T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68371
published_at	2026-04-08T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.6832
published_at	2026-04-07T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68343
published_at	2026-04-04T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68324
published_at	2026-04-02T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68304
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676

reference_url

https://github.com/angular/angular.js

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/angular/angular.js

reference_url

https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd

reference_url

https://github.com/angular/angular.js/pull/17028

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/angular/angular.js/pull/17028

reference_url

https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1%40%3Cozone-commits.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1%40%3Cozone-commits.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a%40%3Cozone-issues.hadoop.apache.org%3E

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a%40%3Cozone-issues.hadoop.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-7676

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-7676

reference_url

https://snyk.io/vuln/SNYK-JS-ANGULAR-570058

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-ANGULAR-570058

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849206
reference_id	1849206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849206

reference_url	https://access.redhat.com/errata/RHSA-2020:5249
reference_id	RHSA-2020:5249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5249

reference_url	https://access.redhat.com/errata/RHSA-2020:5568
reference_id	RHSA-2020:5568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5568

reference_url	https://access.redhat.com/errata/RHSA-2021:0417
reference_id	RHSA-2021:0417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0417

reference_url	https://access.redhat.com/errata/RHSA-2021:0967
reference_id	RHSA-2021:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0967

reference_url	https://access.redhat.com/errata/RHSA-2021:0968
reference_id	RHSA-2021:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0968

reference_url	https://access.redhat.com/errata/RHSA-2021:0969
reference_id	RHSA-2021:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0969

reference_url	https://access.redhat.com/errata/RHSA-2021:0974
reference_id	RHSA-2021:0974
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0974

fixed_packages

aliases

CVE-2020-7676, GHSA-mhp6-pxh8-r675

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-rvrc-5q4c-63bh

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@9.0.12-1.redhat_00001.1%3Farch=el7sso

Package Instance