Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/rack@2.2.3.0
Typegem
Namespace
Namerack
Version2.2.3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.22
Latest_non_vulnerable_version3.2.6
Affected_by_vulnerabilities
0
url VCID-qt1u-2p37-xfet
vulnerability_id VCID-qt1u-2p37-xfet
summary Multiple vulnerabilities have been discovered in Rack, the worst of which can lead to sequence injection in logging compontents.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30122.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30122
reference_id
reference_type
scores
0
value 0.00893
scoring_system epss
scoring_elements 0.75512
published_at 2026-04-02T12:55:00Z
1
value 0.00893
scoring_system epss
scoring_elements 0.75542
published_at 2026-04-04T12:55:00Z
2
value 0.00989
scoring_system epss
scoring_elements 0.76867
published_at 2026-04-13T12:55:00Z
3
value 0.00989
scoring_system epss
scoring_elements 0.76873
published_at 2026-04-12T12:55:00Z
4
value 0.00989
scoring_system epss
scoring_elements 0.76893
published_at 2026-04-11T12:55:00Z
5
value 0.00989
scoring_system epss
scoring_elements 0.76913
published_at 2026-04-18T12:55:00Z
6
value 0.00989
scoring_system epss
scoring_elements 0.76909
published_at 2026-04-16T12:55:00Z
7
value 0.00989
scoring_system epss
scoring_elements 0.76864
published_at 2026-04-09T12:55:00Z
8
value 0.00989
scoring_system epss
scoring_elements 0.76854
published_at 2026-04-08T12:55:00Z
9
value 0.00989
scoring_system epss
scoring_elements 0.76823
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30122
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
9
reference_url https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30122.yml
13
reference_url https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30122
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30122
15
reference_url https://security.netapp.com/advisory/ntap-20231208-0012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231208-0012
16
reference_url https://security.netapp.com/advisory/ntap-20231208-0012/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://security.netapp.com/advisory/ntap-20231208-0012/
17
reference_url https://www.debian.org/security/2023/dsa-5530
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://www.debian.org/security/2023/dsa-5530
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2099519
reference_id 2099519
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2099519
19
reference_url https://github.com/advisories/GHSA-hxqx-xwvh-44m2
reference_id GHSA-hxqx-xwvh-44m2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hxqx-xwvh-44m2
20
reference_url https://security.gentoo.org/glsa/202310-18
reference_id GLSA-202310-18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-13T16:09:46Z/
url https://security.gentoo.org/glsa/202310-18
21
reference_url https://access.redhat.com/errata/RHSA-2022:7242
reference_id RHSA-2022:7242
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7242
22
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
23
reference_url https://usn.ubuntu.com/5896-1/
reference_id USN-5896-1
reference_type
scores
url https://usn.ubuntu.com/5896-1/
24
reference_url https://usn.ubuntu.com/7036-1/
reference_id USN-7036-1
reference_type
scores
url https://usn.ubuntu.com/7036-1/
25
reference_url https://usn.ubuntu.com/USN-5253-1/
reference_id USN-USN-5253-1
reference_type
scores
url https://usn.ubuntu.com/USN-5253-1/
fixed_packages
0
url pkg:gem/rack@2.2.3.1
purl pkg:gem/rack@2.2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ja-djzb-2bbw
1
vulnerability VCID-6c1k-vgv4-93ad
2
vulnerability VCID-7p12-ejdu-uqgy
3
vulnerability VCID-7wvj-9h3p-23am
4
vulnerability VCID-7zgg-tvu3-r7gt
5
vulnerability VCID-9rpp-9xss-duf6
6
vulnerability VCID-arac-j5h5-zkcu
7
vulnerability VCID-azu5-jcmd-3ufx
8
vulnerability VCID-c21j-snf1-d3cb
9
vulnerability VCID-c5sc-7qnn-mkb9
10
vulnerability VCID-d58r-22kr-9bct
11
vulnerability VCID-fpg2-nhey-rkcc
12
vulnerability VCID-gdhf-e8q1-kbat
13
vulnerability VCID-gtzk-m9rm-57hw
14
vulnerability VCID-npag-sz7d-v7b6
15
vulnerability VCID-s971-gkdg-jkhc
16
vulnerability VCID-skxv-7he3-xqgc
17
vulnerability VCID-vkrw-y1j6-6fe7
18
vulnerability VCID-w732-52bx-2qf8
19
vulnerability VCID-wt7k-s1yd-nke6
20
vulnerability VCID-xazq-qrm1-9ff6
21
vulnerability VCID-xkah-9nv9-wufd
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.3.1
aliases CVE-2022-30122, GHSA-hxqx-xwvh-44m2, GMS-2022-1643
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt1u-2p37-xfet
1
url VCID-udc4-7jnt-y3fu
vulnerability_id VCID-udc4-7jnt-y3fu
summary Multiple vulnerabilities have been discovered in Rack, the worst of which can lead to sequence injection in logging compontents.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30123.json
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30123.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30123
reference_id
reference_type
scores
0
value 0.02072
scoring_system epss
scoring_elements 0.83974
published_at 2026-04-18T12:55:00Z
1
value 0.02072
scoring_system epss
scoring_elements 0.83914
published_at 2026-04-07T12:55:00Z
2
value 0.02072
scoring_system epss
scoring_elements 0.83937
published_at 2026-04-08T12:55:00Z
3
value 0.02072
scoring_system epss
scoring_elements 0.83944
published_at 2026-04-09T12:55:00Z
4
value 0.02072
scoring_system epss
scoring_elements 0.8396
published_at 2026-04-11T12:55:00Z
5
value 0.02072
scoring_system epss
scoring_elements 0.83949
published_at 2026-04-13T12:55:00Z
6
value 0.02072
scoring_system epss
scoring_elements 0.83953
published_at 2026-04-12T12:55:00Z
7
value 0.02128
scoring_system epss
scoring_elements 0.84126
published_at 2026-04-04T12:55:00Z
8
value 0.02128
scoring_system epss
scoring_elements 0.84109
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30123
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30122
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30123
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
9
reference_url https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/rack/rack
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack
12
reference_url https://github.com/rack/rack/commit/b426cc224908ec6ed6eb8729325392b048215d88
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rack/rack/commit/b426cc224908ec6ed6eb8729325392b048215d88
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30123.yml
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2022-30123.yml
14
reference_url https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3
scoring_elements
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30123
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30123
16
reference_url https://security.netapp.com/advisory/ntap-20231208-0011
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231208-0011
17
reference_url https://security.netapp.com/advisory/ntap-20231208-0011/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20231208-0011/
18
reference_url https://www.debian.org/security/2023/dsa-5530
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5530
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2099524
reference_id 2099524
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2099524
20
reference_url https://github.com/advisories/GHSA-wq4h-7r42-5hrr
reference_id GHSA-wq4h-7r42-5hrr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wq4h-7r42-5hrr
21
reference_url https://security.gentoo.org/glsa/202310-18
reference_id GLSA-202310-18
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-18
22
reference_url https://access.redhat.com/errata/RHSA-2022:7343
reference_id RHSA-2022:7343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7343
23
reference_url https://access.redhat.com/errata/RHSA-2023:0632
reference_id RHSA-2023:0632
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0632
24
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
25
reference_url https://usn.ubuntu.com/5896-1/
reference_id USN-5896-1
reference_type
scores
url https://usn.ubuntu.com/5896-1/
26
reference_url https://usn.ubuntu.com/7036-1/
reference_id USN-7036-1
reference_type
scores
url https://usn.ubuntu.com/7036-1/
27
reference_url https://usn.ubuntu.com/USN-5253-1/
reference_id USN-USN-5253-1
reference_type
scores
url https://usn.ubuntu.com/USN-5253-1/
fixed_packages
0
url pkg:gem/rack@2.2.3.1
purl pkg:gem/rack@2.2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ja-djzb-2bbw
1
vulnerability VCID-6c1k-vgv4-93ad
2
vulnerability VCID-7p12-ejdu-uqgy
3
vulnerability VCID-7wvj-9h3p-23am
4
vulnerability VCID-7zgg-tvu3-r7gt
5
vulnerability VCID-9rpp-9xss-duf6
6
vulnerability VCID-arac-j5h5-zkcu
7
vulnerability VCID-azu5-jcmd-3ufx
8
vulnerability VCID-c21j-snf1-d3cb
9
vulnerability VCID-c5sc-7qnn-mkb9
10
vulnerability VCID-d58r-22kr-9bct
11
vulnerability VCID-fpg2-nhey-rkcc
12
vulnerability VCID-gdhf-e8q1-kbat
13
vulnerability VCID-gtzk-m9rm-57hw
14
vulnerability VCID-npag-sz7d-v7b6
15
vulnerability VCID-s971-gkdg-jkhc
16
vulnerability VCID-skxv-7he3-xqgc
17
vulnerability VCID-vkrw-y1j6-6fe7
18
vulnerability VCID-w732-52bx-2qf8
19
vulnerability VCID-wt7k-s1yd-nke6
20
vulnerability VCID-xazq-qrm1-9ff6
21
vulnerability VCID-xkah-9nv9-wufd
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.3.1
aliases CVE-2022-30123, GHSA-wq4h-7r42-5hrr, GMS-2022-1644
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-udc4-7jnt-y3fu
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/rack@2.2.3.0