Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/125132?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/125132?format=api", "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1:1.7.0.9-2.3.4.el5_9?arch=1", "type": "rpm", "namespace": "redhat", "name": "java-1.7.0-openjdk", "version": "1:1.7.0.9-2.3.4.el5_9", "qualifiers": { "arch": "1" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61041?format=api", "vulnerability_id": "VCID-9f18-fhez-5qba", "summary": "Multiple vulnerabilities have been found in the Oracle JRE/JDK,\n allowing attackers to cause unspecified impact.", "references": [ { "reference_url": "http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0156.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0156.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0165.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0165.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3174.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80492", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80408", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80414", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80436", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80454", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80482", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80489", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.8049", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3174" }, { "reference_url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1693-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1693-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=894934", "reference_id": "894934", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894934" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3174", "reference_id": "CVE-2012-3174", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3174" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0156", "reference_id": "RHSA-2013:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0165", "reference_id": "RHSA-2013:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0626", "reference_id": "RHSA-2013:0626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0626" }, { "reference_url": "https://usn.ubuntu.com/1693-1/", "reference_id": "USN-1693-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1693-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2012-3174" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9f18-fhez-5qba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61053?format=api", "vulnerability_id": "VCID-pg5w-ajf1-97fp", "summary": "Multiple vulnerabilities have been found in the Oracle JRE/JDK,\n allowing attackers to cause unspecified impact.", "references": [ { "reference_url": "http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html" }, { "reference_url": "http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/" }, { "reference_url": "http://immunityproducts.blogspot.ca/2013/01/confirmed-java-only-fixed-one-of-two.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://immunityproducts.blogspot.ca/2013/01/confirmed-java-only-fixed-one-of-two.html" }, { "reference_url": "http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/" }, { "reference_url": "http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html" }, { "reference_url": "http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0156.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0156.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0165.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0165.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0422.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93614", "scoring_system": "epss", "scoring_elements": "0.99839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.93614", "scoring_system": "epss", "scoring_elements": "0.99837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.93614", "scoring_system": "epss", "scoring_elements": "0.99838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.93768", "scoring_system": "epss", "scoring_elements": "0.99854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.93768", "scoring_system": "epss", "scoring_elements": "0.99853", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.93768", "scoring_system": "epss", "scoring_elements": "0.99855", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0422" }, { "reference_url": "http://seclists.org/bugtraq/2013/Jan/48", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://seclists.org/bugtraq/2013/Jan/48" }, { "reference_url": "https://partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "https://partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf" }, { "reference_url": "https://threatpost.com/en_us/blogs/nasty-new-java-zero-day-found-exploit-kits-already-have-it-011013", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "https://threatpost.com/en_us/blogs/nasty-new-java-zero-day-found-exploit-kits-already-have-it-011013" }, { "reference_url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018" }, { "reference_url": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/oracle_java_7_security_manager_bypass_vulnerability_cve_2013_04224?lang=en_us", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/oracle_java_7_security_manager_bypass_vulnerability_cve_2013_04224?lang=en_us" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0422" }, { "reference_url": "http://www.kb.cert.org/vuls/id/625617", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://www.kb.cert.org/vuls/id/625617" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1693-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://www.ubuntu.com/usn/USN-1693-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA13-010A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:51:35Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-010A.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=894172", "reference_id": "894172", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894172" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0422", "reference_id": "CVE-2013-0422", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0422" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/24045.rb", "reference_id": "CVE-2013-0422;OSVDB-89059", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/24045.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0156", "reference_id": "RHSA-2013:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0165", "reference_id": "RHSA-2013:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0626", "reference_id": "RHSA-2013:0626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0626" }, { "reference_url": "https://usn.ubuntu.com/1693-1/", "reference_id": "USN-1693-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1693-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0422" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pg5w-ajf1-97fp" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-openjdk@1:1.7.0.9-2.3.4.el5_9%3Farch=1" }