Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/pcs@0.10.1-4.el8_0?arch=5

Type rpm

Namespace redhat

Name pcs

Version 0.10.1-4.el8_0

Qualifiers

arch	5

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-d6tn-s1q2-a3hc

vulnerability_id

VCID-d6tn-s1q2-a3hc

summary

Unsafe object creation in json RubyGem
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269/GHSA-x457-cw4h-hq5f, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00004.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00004.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10663.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10663.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10663

reference_id

reference_type

scores

value	0.07526
scoring_system	epss
scoring_elements	0.91813
published_at	2026-04-13T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91817
published_at	2026-04-12T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91815
published_at	2026-04-11T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91812
published_at	2026-04-09T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91805
published_at	2026-04-08T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91792
published_at	2026-04-07T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91779
published_at	2026-04-02T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.9177
published_at	2026-04-01T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91784
published_at	2026-04-04T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91827
published_at	2026-04-18T12:55:00Z

value	0.07526
scoring_system	epss
scoring_elements	0.91832
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933

reference_url

http://seclists.org/fulldisclosure/2020/Dec/32

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2020/Dec/32

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/flori/json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/flori/json

reference_url

https://github.com/flori/json/blob/master/CHANGES.md#2019-12-11-230

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/flori/json/blob/master/CHANGES.md#2019-12-11-230

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/json/CVE-2020-10663.yml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/json/CVE-2020-10663.yml

reference_url

https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10663

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10663

reference_url

https://security.netapp.com/advisory/ntap-20210129-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210129-0003

reference_url	https://security.netapp.com/advisory/ntap-20210129-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210129-0003/

reference_url

https://support.apple.com/kb/HT211931

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT211931

reference_url

https://www.debian.org/security/2020/dsa-4721

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4721

reference_url

https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663

reference_url

https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

url

https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1827500
reference_id	1827500
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1827500

reference_url

https://github.com/advisories/GHSA-jphg-qwrw-7w9g

reference_id

GHSA-jphg-qwrw-7w9g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jphg-qwrw-7w9g

reference_url	https://access.redhat.com/errata/RHSA-2020:2462
reference_id	RHSA-2020:2462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2462

reference_url	https://access.redhat.com/errata/RHSA-2020:2473
reference_id	RHSA-2020:2473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2473

reference_url	https://access.redhat.com/errata/RHSA-2020:2670
reference_id	RHSA-2020:2670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2670

reference_url	https://access.redhat.com/errata/RHSA-2021:2104
reference_id	RHSA-2021:2104
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2104

reference_url	https://access.redhat.com/errata/RHSA-2021:2230
reference_id	RHSA-2021:2230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2230

reference_url	https://access.redhat.com/errata/RHSA-2021:2587
reference_id	RHSA-2021:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2587

reference_url	https://access.redhat.com/errata/RHSA-2021:2588
reference_id	RHSA-2021:2588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2588

reference_url	https://access.redhat.com/errata/RHSA-2022:0581
reference_id	RHSA-2022:0581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0581

reference_url	https://access.redhat.com/errata/RHSA-2022:0582
reference_id	RHSA-2022:0582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0582

reference_url	https://usn.ubuntu.com/4882-1/
reference_id	USN-4882-1
reference_type
scores
url	https://usn.ubuntu.com/4882-1/

fixed_packages

aliases

CVE-2020-10663, GHSA-jphg-qwrw-7w9g

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-d6tn-s1q2-a3hc

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/pcs@0.10.1-4.el8_0%3Farch=5

Package Instance