Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-picketbox@4.9.8-1.Final_redhat_1.1.ep7?arch=el7
Typerpm
Namespaceredhat
Nameeap7-picketbox
Version4.9.8-1.Final_redhat_1.1.ep7
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-77xn-dtdn-hfa2
vulnerability_id VCID-77xn-dtdn-hfa2
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
It was discovered in Undertow that the code that parses the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-1409.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-1409.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2666.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2666.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2666
reference_id
reference_type
scores
0
value 0.01394
scoring_system epss
scoring_elements 0.80382
published_at 2026-04-13T12:55:00Z
1
value 0.01394
scoring_system epss
scoring_elements 0.80346
published_at 2026-04-07T12:55:00Z
2
value 0.01394
scoring_system epss
scoring_elements 0.80375
published_at 2026-04-08T12:55:00Z
3
value 0.01394
scoring_system epss
scoring_elements 0.80385
published_at 2026-04-09T12:55:00Z
4
value 0.01394
scoring_system epss
scoring_elements 0.80404
published_at 2026-04-11T12:55:00Z
5
value 0.01394
scoring_system epss
scoring_elements 0.80389
published_at 2026-04-12T12:55:00Z
6
value 0.01394
scoring_system epss
scoring_elements 0.8033
published_at 2026-04-01T12:55:00Z
7
value 0.01394
scoring_system epss
scoring_elements 0.80337
published_at 2026-04-02T12:55:00Z
8
value 0.01394
scoring_system epss
scoring_elements 0.80357
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2666
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
6
reference_url https://github.com/advisories/GHSA-mcfm-h73v-635m
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mcfm-h73v-635m
7
reference_url http://www.securityfocus.com/bid/98966
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98966
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1436163
reference_id 1436163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1436163
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
reference_id 864405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2666
reference_id CVE-2017-2666
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2666
11
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
fixed_packages
aliases CVE-2017-2666, GHSA-mcfm-h73v-635m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77xn-dtdn-hfa2
1
url VCID-9zut-79gt-1bgy
vulnerability_id VCID-9zut-79gt-1bgy
summary It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-1409.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-1409.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2670.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2670.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2670
reference_id
reference_type
scores
0
value 0.05972
scoring_system epss
scoring_elements 0.90659
published_at 2026-04-13T12:55:00Z
1
value 0.05972
scoring_system epss
scoring_elements 0.90631
published_at 2026-04-04T12:55:00Z
2
value 0.05972
scoring_system epss
scoring_elements 0.90639
published_at 2026-04-07T12:55:00Z
3
value 0.05972
scoring_system epss
scoring_elements 0.9065
published_at 2026-04-08T12:55:00Z
4
value 0.05972
scoring_system epss
scoring_elements 0.90656
published_at 2026-04-09T12:55:00Z
5
value 0.05972
scoring_system epss
scoring_elements 0.90665
published_at 2026-04-12T12:55:00Z
6
value 0.05972
scoring_system epss
scoring_elements 0.90617
published_at 2026-04-01T12:55:00Z
7
value 0.05972
scoring_system epss
scoring_elements 0.90621
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2670
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
6
reference_url https://github.com/advisories/GHSA-3x7h-5hfr-hvjm
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3x7h-5hfr-hvjm
7
reference_url https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
reference_id
reference_type
scores
url https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
8
reference_url http://www.securityfocus.com/bid/98965
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98965
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1438885
reference_id 1438885
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1438885
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
reference_id 864405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2670
reference_id CVE-2017-2670
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2670
12
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
fixed_packages
aliases CVE-2017-2670, GHSA-3x7h-5hfr-hvjm
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zut-79gt-1bgy
2
url VCID-jtbq-4rr9-vud6
vulnerability_id VCID-jtbq-4rr9-vud6
summary wildfly: Arbitrary file read via path traversal
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2595.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2595.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2595
reference_id
reference_type
scores
0
value 0.01106
scoring_system epss
scoring_elements 0.7804
published_at 2026-04-01T12:55:00Z
1
value 0.01106
scoring_system epss
scoring_elements 0.78048
published_at 2026-04-02T12:55:00Z
2
value 0.01106
scoring_system epss
scoring_elements 0.78077
published_at 2026-04-04T12:55:00Z
3
value 0.01106
scoring_system epss
scoring_elements 0.7806
published_at 2026-04-07T12:55:00Z
4
value 0.01106
scoring_system epss
scoring_elements 0.78086
published_at 2026-04-08T12:55:00Z
5
value 0.01106
scoring_system epss
scoring_elements 0.7809
published_at 2026-04-09T12:55:00Z
6
value 0.01106
scoring_system epss
scoring_elements 0.78117
published_at 2026-04-11T12:55:00Z
7
value 0.01106
scoring_system epss
scoring_elements 0.78099
published_at 2026-04-12T12:55:00Z
8
value 0.01106
scoring_system epss
scoring_elements 0.78095
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2595
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1413028
reference_id 1413028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1413028
3
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
4
reference_url https://access.redhat.com/errata/RHSA-2017:1551
reference_id RHSA-2017:1551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1551
fixed_packages
aliases CVE-2017-2595
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtbq-4rr9-vud6
3
url VCID-p3uc-ee2b-fff5
vulnerability_id VCID-p3uc-ee2b-fff5
summary 
Improper Input Validation
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-1255.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-1255.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-1409.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-1409.html
2
reference_url https://access.redhat.com/errata/RHSA-2017:1253
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1253
3
reference_url https://access.redhat.com/errata/RHSA-2017:1254
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1254
4
reference_url https://access.redhat.com/errata/RHSA-2017:1256
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1256
5
reference_url https://access.redhat.com/errata/RHSA-2017:1260
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1260
6
reference_url https://access.redhat.com/errata/RHSA-2017:1410
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1410
7
reference_url https://access.redhat.com/errata/RHSA-2017:1411
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1411
8
reference_url https://access.redhat.com/errata/RHSA-2017:1412
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1412
9
reference_url https://access.redhat.com/errata/RHSA-2017:1675
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1675
10
reference_url https://access.redhat.com/errata/RHSA-2017:1676
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1676
11
reference_url https://access.redhat.com/errata/RHSA-2018:2909
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2909
12
reference_url https://access.redhat.com/errata/RHSA-2018:2913
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2913
13
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9606.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9606.json
14
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9606
reference_id
reference_type
scores
0
value 0.02263
scoring_system epss
scoring_elements 0.84624
published_at 2026-04-13T12:55:00Z
1
value 0.02263
scoring_system epss
scoring_elements 0.84546
published_at 2026-04-01T12:55:00Z
2
value 0.02263
scoring_system epss
scoring_elements 0.84561
published_at 2026-04-02T12:55:00Z
3
value 0.02263
scoring_system epss
scoring_elements 0.84583
published_at 2026-04-04T12:55:00Z
4
value 0.02263
scoring_system epss
scoring_elements 0.84586
published_at 2026-04-07T12:55:00Z
5
value 0.02263
scoring_system epss
scoring_elements 0.84607
published_at 2026-04-08T12:55:00Z
6
value 0.02263
scoring_system epss
scoring_elements 0.84614
published_at 2026-04-09T12:55:00Z
7
value 0.02263
scoring_system epss
scoring_elements 0.84633
published_at 2026-04-11T12:55:00Z
8
value 0.02263
scoring_system epss
scoring_elements 0.84628
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9606
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1400644
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1400644
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9606
17
reference_url https://github.com/resteasy/Resteasy
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/Resteasy
18
reference_url http://www.securityfocus.com/bid/94940
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94940
19
reference_url http://www.securitytracker.com/id/1038524
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038524
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851430
reference_id 851430
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851430
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9606
reference_id CVE-2016-9606
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9606
22
reference_url https://github.com/advisories/GHSA-hgjr-xwj3-jfvw
reference_id GHSA-hgjr-xwj3-jfvw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgjr-xwj3-jfvw
23
reference_url https://access.redhat.com/errata/RHSA-2017:1255
reference_id RHSA-2017:1255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1255
24
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
fixed_packages
aliases CVE-2016-9606, GHSA-hgjr-xwj3-jfvw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3uc-ee2b-fff5
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketbox@4.9.8-1.Final_redhat_1.1.ep7%3Farch=el7