Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/hsqldb@1.8.0.9-3
Typedeb
Namespacedebian
Namehsqldb
Version1.8.0.9-3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.5.1-1+deb11u2
Latest_non_vulnerable_version2.5.1-1+deb11u2
Affected_by_vulnerabilities
0
url VCID-e7dq-77gj-1fc2
vulnerability_id VCID-e7dq-77gj-1fc2
summary libreoffice: Arbitrary file write
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1183.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1183
reference_id
reference_type
scores
0
value 0.06891
scoring_system epss
scoring_elements 0.91338
published_at 2026-04-02T12:55:00Z
1
value 0.06891
scoring_system epss
scoring_elements 0.91348
published_at 2026-04-04T12:55:00Z
2
value 0.06891
scoring_system epss
scoring_elements 0.91356
published_at 2026-04-07T12:55:00Z
3
value 0.06891
scoring_system epss
scoring_elements 0.91368
published_at 2026-04-08T12:55:00Z
4
value 0.06891
scoring_system epss
scoring_elements 0.91375
published_at 2026-04-09T12:55:00Z
5
value 0.06891
scoring_system epss
scoring_elements 0.91382
published_at 2026-04-11T12:55:00Z
6
value 0.06891
scoring_system epss
scoring_elements 0.91385
published_at 2026-04-12T12:55:00Z
7
value 0.06891
scoring_system epss
scoring_elements 0.91384
published_at 2026-04-13T12:55:00Z
8
value 0.06891
scoring_system epss
scoring_elements 0.91409
published_at 2026-04-21T12:55:00Z
9
value 0.06891
scoring_system epss
scoring_elements 0.91407
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1183
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1183
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2208506
reference_id 2208506
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2208506
5
reference_url https://access.redhat.com/errata/RHSA-2023:6508
reference_id RHSA-2023:6508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6508
6
reference_url https://access.redhat.com/errata/RHSA-2023:6933
reference_id RHSA-2023:6933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6933
fixed_packages
0
url pkg:deb/debian/hsqldb@2.5.1-1%2Bdeb11u2
purl pkg:deb/debian/hsqldb@2.5.1-1%2Bdeb11u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hsqldb@2.5.1-1%252Bdeb11u2
aliases CVE-2023-1183
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7dq-77gj-1fc2
1
url VCID-knw5-d2nn-vyhq
vulnerability_id VCID-knw5-d2nn-vyhq
summary 
HyperSQL DataBase vulnerable to remote code execution when processing untrusted input
Those using `java.sql.Statement` or `java.sql.PreparedStatement` in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, `System.setProperty("hsqldb.method_class_names", "abc")` or Java argument `-Dhsqldb.method_class_names="abc"` can be used. From version 2.7.1 all classes by default are not accessible except those in `java.lang.Math` and need to be manually enabled.
references
0
reference_url http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/
url http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41853
reference_id
reference_type
scores
0
value 0.70144
scoring_system epss
scoring_elements 0.98681
published_at 2026-04-16T12:55:00Z
1
value 0.70144
scoring_system epss
scoring_elements 0.98678
published_at 2026-04-13T12:55:00Z
2
value 0.70144
scoring_system epss
scoring_elements 0.98677
published_at 2026-04-12T12:55:00Z
3
value 0.70144
scoring_system epss
scoring_elements 0.98676
published_at 2026-04-11T12:55:00Z
4
value 0.70144
scoring_system epss
scoring_elements 0.98674
published_at 2026-04-09T12:55:00Z
5
value 0.70144
scoring_system epss
scoring_elements 0.98682
published_at 2026-04-18T12:55:00Z
6
value 0.70144
scoring_system epss
scoring_elements 0.98666
published_at 2026-04-02T12:55:00Z
7
value 0.70144
scoring_system epss
scoring_elements 0.98669
published_at 2026-04-04T12:55:00Z
8
value 0.70144
scoring_system epss
scoring_elements 0.98683
published_at 2026-04-21T12:55:00Z
9
value 0.70144
scoring_system epss
scoring_elements 0.98673
published_at 2026-04-08T12:55:00Z
10
value 0.70144
scoring_system epss
scoring_elements 0.98672
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41853
3
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41853
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41853
8
reference_url https://sourceforge.net/projects/hsqldb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://sourceforge.net/projects/hsqldb
9
reference_url https://www.debian.org/security/2023/dsa-5313
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/
url https://www.debian.org/security/2023/dsa-5313
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573
reference_id 1023573
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136141
reference_id 2136141
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136141
12
reference_url https://github.com/advisories/GHSA-77xx-rxvh-q682
reference_id GHSA-77xx-rxvh-q682
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77xx-rxvh-q682
13
reference_url https://access.redhat.com/errata/RHSA-2022:8559
reference_id RHSA-2022:8559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8559
14
reference_url https://access.redhat.com/errata/RHSA-2022:8560
reference_id RHSA-2022:8560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8560
15
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
16
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
fixed_packages
0
url pkg:deb/debian/hsqldb@2.5.1-1%2Bdeb11u2
purl pkg:deb/debian/hsqldb@2.5.1-1%2Bdeb11u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hsqldb@2.5.1-1%252Bdeb11u2
aliases CVE-2022-41853, GHSA-77xx-rxvh-q682
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-knw5-d2nn-vyhq
Fixing_vulnerabilities
0
url VCID-ymqq-9gmh-6kfn
vulnerability_id VCID-ymqq-9gmh-6kfn
summary 
An unspecified vulnerability has been reported in OpenOffice.org, possibly
    allowing for the execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4575.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4575.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4575
reference_id
reference_type
scores
0
value 0.06316
scoring_system epss
scoring_elements 0.9092
published_at 2026-04-01T12:55:00Z
1
value 0.06316
scoring_system epss
scoring_elements 0.90926
published_at 2026-04-02T12:55:00Z
2
value 0.06316
scoring_system epss
scoring_elements 0.90935
published_at 2026-04-04T12:55:00Z
3
value 0.06316
scoring_system epss
scoring_elements 0.90945
published_at 2026-04-07T12:55:00Z
4
value 0.06316
scoring_system epss
scoring_elements 0.90957
published_at 2026-04-08T12:55:00Z
5
value 0.06316
scoring_system epss
scoring_elements 0.90963
published_at 2026-04-09T12:55:00Z
6
value 0.06316
scoring_system epss
scoring_elements 0.90971
published_at 2026-04-11T12:55:00Z
7
value 0.06316
scoring_system epss
scoring_elements 0.90973
published_at 2026-04-12T12:55:00Z
8
value 0.06316
scoring_system epss
scoring_elements 0.90972
published_at 2026-04-13T12:55:00Z
9
value 0.06316
scoring_system epss
scoring_elements 0.90997
published_at 2026-04-16T12:55:00Z
10
value 0.06316
scoring_system epss
scoring_elements 0.90995
published_at 2026-04-18T12:55:00Z
11
value 0.06316
scoring_system epss
scoring_elements 0.90996
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4575
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=299801
reference_id 299801
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=299801
4
reference_url https://security.gentoo.org/glsa/200712-25
reference_id GLSA-200712-25
reference_type
scores
url https://security.gentoo.org/glsa/200712-25
5
reference_url https://access.redhat.com/errata/RHSA-2007:1048
reference_id RHSA-2007:1048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1048
6
reference_url https://access.redhat.com/errata/RHSA-2007:1090
reference_id RHSA-2007:1090
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1090
7
reference_url https://access.redhat.com/errata/RHSA-2008:0151
reference_id RHSA-2008:0151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0151
8
reference_url https://access.redhat.com/errata/RHSA-2008:0158
reference_id RHSA-2008:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0158
9
reference_url https://access.redhat.com/errata/RHSA-2008:0213
reference_id RHSA-2008:0213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0213
10
reference_url https://usn.ubuntu.com/609-1/
reference_id USN-609-1
reference_type
scores
url https://usn.ubuntu.com/609-1/
fixed_packages
0
url pkg:deb/debian/hsqldb@1.8.0.9-3
purl pkg:deb/debian/hsqldb@1.8.0.9-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e7dq-77gj-1fc2
1
vulnerability VCID-knw5-d2nn-vyhq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hsqldb@1.8.0.9-3
aliases CVE-2007-4575
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymqq-9gmh-6kfn
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/hsqldb@1.8.0.9-3