Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.wildfly.security/wildfly-elytron@1.15.4
Typemaven
Namespaceorg.wildfly.security
Namewildfly-elytron
Version1.15.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.15.15.Final
Latest_non_vulnerable_version2.6.2.Final
Affected_by_vulnerabilities
0
url VCID-7qwz-74p6-yqhs
vulnerability_id VCID-7qwz-74p6-yqhs
summary 
Observable Discrepancy in Wildfly Elytron
A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality. This flaw affectes Wildfly Elytron versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3642.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3642.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3642
reference_id
reference_type
scores
0
value 0.00267
scoring_system epss
scoring_elements 0.50198
published_at 2026-04-18T12:55:00Z
1
value 0.00267
scoring_system epss
scoring_elements 0.50165
published_at 2026-04-09T12:55:00Z
2
value 0.00267
scoring_system epss
scoring_elements 0.50182
published_at 2026-04-11T12:55:00Z
3
value 0.00267
scoring_system epss
scoring_elements 0.50156
published_at 2026-04-12T12:55:00Z
4
value 0.00267
scoring_system epss
scoring_elements 0.50152
published_at 2026-04-13T12:55:00Z
5
value 0.00267
scoring_system epss
scoring_elements 0.50197
published_at 2026-04-16T12:55:00Z
6
value 0.00267
scoring_system epss
scoring_elements 0.50104
published_at 2026-04-01T12:55:00Z
7
value 0.00267
scoring_system epss
scoring_elements 0.50139
published_at 2026-04-02T12:55:00Z
8
value 0.00267
scoring_system epss
scoring_elements 0.50167
published_at 2026-04-04T12:55:00Z
9
value 0.00267
scoring_system epss
scoring_elements 0.50117
published_at 2026-04-07T12:55:00Z
10
value 0.00267
scoring_system epss
scoring_elements 0.50171
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3642
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1981407
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1981407
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3642
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3642
4
reference_url https://github.com/advisories/GHSA-5499-qjvh-6j7w
reference_id GHSA-5499-qjvh-6j7w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5499-qjvh-6j7w
5
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
6
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
7
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
8
reference_url https://access.redhat.com/errata/RHSA-2021:3880
reference_id RHSA-2021:3880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3880
9
reference_url https://access.redhat.com/errata/RHSA-2021:4767
reference_id RHSA-2021:4767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4767
10
reference_url https://access.redhat.com/errata/RHSA-2021:5149
reference_id RHSA-2021:5149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5149
11
reference_url https://access.redhat.com/errata/RHSA-2021:5150
reference_id RHSA-2021:5150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5150
12
reference_url https://access.redhat.com/errata/RHSA-2021:5151
reference_id RHSA-2021:5151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5151
13
reference_url https://access.redhat.com/errata/RHSA-2021:5154
reference_id RHSA-2021:5154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5154
14
reference_url https://access.redhat.com/errata/RHSA-2021:5170
reference_id RHSA-2021:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5170
15
reference_url https://access.redhat.com/errata/RHSA-2022:0146
reference_id RHSA-2022:0146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0146
16
reference_url https://access.redhat.com/errata/RHSA-2022:0520
reference_id RHSA-2022:0520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0520
17
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
18
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
19
reference_url https://access.redhat.com/errata/RHSA-2022:5903
reference_id RHSA-2022:5903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5903
fixed_packages
0
url pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5
purl pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5
1
url pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5.Final
purl pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ssa-j1q1-c3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.security/wildfly-elytron@1.15.5.Final
2
url pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1.Final
purl pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ssa-j1q1-c3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1.Final
3
url pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1
purl pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.security/wildfly-elytron@1.16.1
aliases CVE-2021-3642, GHSA-5499-qjvh-6j7w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7qwz-74p6-yqhs
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.security/wildfly-elytron@1.15.4