Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.springframework/spring-oxm@3.1.0.RELEASE
Typemaven
Namespaceorg.springframework
Namespring-oxm
Version3.1.0.RELEASE
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.9.RELEASE
Latest_non_vulnerable_version5.2.9.RELEASE
Affected_by_vulnerabilities
0
url VCID-asmf-3c71-gqcb
vulnerability_id VCID-asmf-3c71-gqcb
summary The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6430.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6430
reference_id
reference_type
scores
0
value 0.00315
scoring_system epss
scoring_elements 0.54513
published_at 2026-04-01T12:55:00Z
1
value 0.00315
scoring_system epss
scoring_elements 0.54616
published_at 2026-04-21T12:55:00Z
2
value 0.00315
scoring_system epss
scoring_elements 0.54637
published_at 2026-04-18T12:55:00Z
3
value 0.00315
scoring_system epss
scoring_elements 0.54635
published_at 2026-04-16T12:55:00Z
4
value 0.00315
scoring_system epss
scoring_elements 0.54597
published_at 2026-04-13T12:55:00Z
5
value 0.00315
scoring_system epss
scoring_elements 0.54619
published_at 2026-04-12T12:55:00Z
6
value 0.00315
scoring_system epss
scoring_elements 0.54636
published_at 2026-04-11T12:55:00Z
7
value 0.00315
scoring_system epss
scoring_elements 0.54623
published_at 2026-04-09T12:55:00Z
8
value 0.00315
scoring_system epss
scoring_elements 0.54628
published_at 2026-04-08T12:55:00Z
9
value 0.00315
scoring_system epss
scoring_elements 0.54577
published_at 2026-04-07T12:55:00Z
10
value 0.00315
scoring_system epss
scoring_elements 0.54607
published_at 2026-04-04T12:55:00Z
11
value 0.00315
scoring_system epss
scoring_elements 0.54583
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6430
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
4
reference_url https://github.com/spring-projects/spring-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework
5
reference_url https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248
6
reference_url https://github.com/spring-projects/spring-framework/commit/9982b4c01a8c7be0961e58b58ed83731c40449ff
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/9982b4c01a8c7be0961e58b58ed83731c40449ff
7
reference_url https://github.com/spring-projects/spring-framework/commit/f5c9fe69a444607af667911bd4c5074b5b073e7b
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/f5c9fe69a444607af667911bd4c5074b5b073e7b
8
reference_url https://github.com/spring-projects/spring-framework/issues/14617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/issues/14617
9
reference_url https://jira.spring.io/browse/SPR-9983?redirect=false
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-9983?redirect=false
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1039783
reference_id 1039783
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1039783
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
reference_id 735420
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
12
reference_url https://bugzilla.redhat.com/CVE-2013-6430
reference_id CVE-2013-6430
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6430
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6430
reference_id CVE-2013-6430
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6430
14
reference_url https://spring.io/security/cve-2013-6430
reference_id CVE-2013-6430
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://spring.io/security/cve-2013-6430
15
reference_url http://www.gopivotal.com/security/cve-2013-6430
reference_id CVE-2013-6430
reference_type
scores
url http://www.gopivotal.com/security/cve-2013-6430
16
reference_url https://github.com/advisories/GHSA-xjrf-8x4f-43h4
reference_id GHSA-xjrf-8x4f-43h4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xjrf-8x4f-43h4
17
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
18
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@3.2.2.RELEASE
purl pkg:maven/org.springframework/spring-oxm@3.2.2.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e7xv-sdvz-g7e4
1
vulnerability VCID-eer8-apxc-2ue6
2
vulnerability VCID-r384-aque-vqcw
3
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.2.RELEASE
aliases CVE-2013-6430, GHSA-xjrf-8x4f-43h4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asmf-3c71-gqcb
1
url VCID-e7xv-sdvz-g7e4
vulnerability_id VCID-e7xv-sdvz-g7e4
summary The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0212.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0212.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0245.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0245.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0254.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0254.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0400.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0400.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4152.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4152.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4152
reference_id
reference_type
scores
0
value 0.72323
scoring_system epss
scoring_elements 0.98758
published_at 2026-04-13T12:55:00Z
1
value 0.72323
scoring_system epss
scoring_elements 0.98761
published_at 2026-04-18T12:55:00Z
2
value 0.72323
scoring_system epss
scoring_elements 0.98746
published_at 2026-04-02T12:55:00Z
3
value 0.72323
scoring_system epss
scoring_elements 0.9875
published_at 2026-04-04T12:55:00Z
4
value 0.72323
scoring_system epss
scoring_elements 0.98753
published_at 2026-04-09T12:55:00Z
5
value 0.72323
scoring_system epss
scoring_elements 0.98754
published_at 2026-04-08T12:55:00Z
6
value 0.72323
scoring_system epss
scoring_elements 0.98756
published_at 2026-04-12T12:55:00Z
7
value 0.72323
scoring_system epss
scoring_elements 0.98762
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4152
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4152
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4152
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4152
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7315
9
reference_url http://seclists.org/bugtraq/2013/Aug/154
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/bugtraq/2013/Aug/154
10
reference_url http://seclists.org/fulldisclosure/2013/Nov/14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2013/Nov/14
11
reference_url https://github.com/spring-projects/spring-framework/commit/434735fbf6e7f9051af2ef027657edb99120b173
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/434735fbf6e7f9051af2ef027657edb99120b173
12
reference_url https://github.com/spring-projects/spring-framework/commit/7576274874deeccb6da6b09a8d5bd62e8b5538b7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/7576274874deeccb6da6b09a8d5bd62e8b5538b7
13
reference_url https://github.com/spring-projects/spring-framework/pull/317/files
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/pull/317/files
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4152
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4152
15
reference_url http://www.debian.org/security/2014/dsa-2842
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2842
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1000186
reference_id 1000186
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1000186
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720902
reference_id 720902
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720902
18
reference_url http://www.gopivotal.com/security/cve-2013-4152
reference_id CVE-2013-4152
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.gopivotal.com/security/cve-2013-4152
19
reference_url https://github.com/advisories/GHSA-rp4p-g69r-438x
reference_id GHSA-rp4p-g69r-438x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rp4p-g69r-438x
20
reference_url https://access.redhat.com/errata/RHSA-2014:0212
reference_id RHSA-2014:0212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0212
21
reference_url https://access.redhat.com/errata/RHSA-2014:0245
reference_id RHSA-2014:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0245
22
reference_url https://access.redhat.com/errata/RHSA-2014:0254
reference_id RHSA-2014:0254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0254
23
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
24
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
purl pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r384-aque-vqcw
1
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
1
url pkg:maven/org.springframework/spring-oxm@4.0.1.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.0.1.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r384-aque-vqcw
1
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.0.1.RELEASE
aliases CVE-2013-4152, GHSA-rp4p-g69r-438x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7xv-sdvz-g7e4
2
url VCID-eer8-apxc-2ue6
vulnerability_id VCID-eer8-apxc-2ue6
summary The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7315
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47624
published_at 2026-04-21T12:55:00Z
1
value 0.00243
scoring_system epss
scoring_elements 0.47553
published_at 2026-04-01T12:55:00Z
2
value 0.00243
scoring_system epss
scoring_elements 0.47592
published_at 2026-04-02T12:55:00Z
3
value 0.00243
scoring_system epss
scoring_elements 0.47613
published_at 2026-04-04T12:55:00Z
4
value 0.00243
scoring_system epss
scoring_elements 0.47562
published_at 2026-04-07T12:55:00Z
5
value 0.00243
scoring_system epss
scoring_elements 0.47616
published_at 2026-04-08T12:55:00Z
6
value 0.00243
scoring_system epss
scoring_elements 0.47612
published_at 2026-04-12T12:55:00Z
7
value 0.00243
scoring_system epss
scoring_elements 0.47636
published_at 2026-04-11T12:55:00Z
8
value 0.00243
scoring_system epss
scoring_elements 0.47621
published_at 2026-04-13T12:55:00Z
9
value 0.00243
scoring_system epss
scoring_elements 0.47679
published_at 2026-04-16T12:55:00Z
10
value 0.00243
scoring_system epss
scoring_elements 0.47671
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7315
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7315
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7315
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4152
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7315
4
reference_url http://seclists.org/bugtraq/2013/Aug/154
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/bugtraq/2013/Aug/154
5
reference_url http://seclists.org/fulldisclosure/2013/Nov/14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2013/Nov/14
6
reference_url https://github.com/spring-projects/spring-framework/commit/434735fbf6e7f9051af2ef027657edb99120b173
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/434735fbf6e7f9051af2ef027657edb99120b173
7
reference_url https://github.com/spring-projects/spring-framework/commit/7576274874deeccb6da6b09a8d5bd62e8b5538b7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/7576274874deeccb6da6b09a8d5bd62e8b5538b7
8
reference_url https://github.com/spring-projects/spring-framework/issues/15432
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/issues/15432
9
reference_url https://jira.spring.io/browse/SPR-10806?redirect=false
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-10806?redirect=false
10
reference_url http://www.debian.org/security/2014/dsa-2842
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2842
11
reference_url http://www.securityfocus.com/bid/77998
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/77998
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720902
reference_id 720902
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720902
13
reference_url http://www.gopivotal.com/security/cve-2013-4152
reference_id CVE-2013-4152
reference_type
scores
url http://www.gopivotal.com/security/cve-2013-4152
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7315
reference_id CVE-2013-7315
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7315
15
reference_url https://github.com/advisories/GHSA-vp63-rrcm-9mph
reference_id GHSA-vp63-rrcm-9mph
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vp63-rrcm-9mph
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
purl pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r384-aque-vqcw
1
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.4.RELEASE
aliases CVE-2013-7315, GHSA-vp63-rrcm-9mph
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eer8-apxc-2ue6
3
url VCID-r384-aque-vqcw
vulnerability_id VCID-r384-aque-vqcw
summary When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0225.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0225
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.46438
published_at 2026-04-01T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46508
published_at 2026-04-21T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46561
published_at 2026-04-18T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.46563
published_at 2026-04-16T12:55:00Z
4
value 0.00236
scoring_system epss
scoring_elements 0.46506
published_at 2026-04-13T12:55:00Z
5
value 0.00236
scoring_system epss
scoring_elements 0.46497
published_at 2026-04-12T12:55:00Z
6
value 0.00236
scoring_system epss
scoring_elements 0.46526
published_at 2026-04-11T12:55:00Z
7
value 0.00236
scoring_system epss
scoring_elements 0.46502
published_at 2026-04-09T12:55:00Z
8
value 0.00236
scoring_system epss
scoring_elements 0.46447
published_at 2026-04-07T12:55:00Z
9
value 0.00236
scoring_system epss
scoring_elements 0.46498
published_at 2026-04-04T12:55:00Z
10
value 0.00236
scoring_system epss
scoring_elements 0.46478
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0225
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0225
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0225
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0225
4
reference_url https://github.com/spring-projects/spring-framework/commit/44ee51a6c9c3734b3fcf9a20817117e86047d753
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/44ee51a6c9c3734b3fcf9a20817117e86047d753
5
reference_url https://github.com/spring-projects/spring-framework/commit/8e096aeef55287dc829484996c9330cf755891a1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/8e096aeef55287dc829484996c9330cf755891a1
6
reference_url https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb
7
reference_url https://jira.spring.io/browse/SPR-11768
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-11768
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1110110
reference_id 1110110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1110110
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753470
reference_id 753470
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753470
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0225
reference_id CVE-2014-0225
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0225
11
reference_url https://pivotal.io/security/cve-2014-0225
reference_id CVE-2014-0225
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pivotal.io/security/cve-2014-0225
12
reference_url http://www.gopivotal.com/security/cve-2014-0225
reference_id CVE-2014-0225
reference_type
scores
url http://www.gopivotal.com/security/cve-2014-0225
13
reference_url https://github.com/advisories/GHSA-f93f-g33r-8pcp
reference_id GHSA-f93f-g33r-8pcp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f93f-g33r-8pcp
14
reference_url https://access.redhat.com/errata/RHSA-2014:1351
reference_id RHSA-2014:1351
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1351
15
reference_url https://usn.ubuntu.com/USN-4774-1/
reference_id USN-USN-4774-1
reference_type
scores
url https://usn.ubuntu.com/USN-4774-1/
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
1
url pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
aliases CVE-2014-0225, GHSA-f93f-g33r-8pcp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r384-aque-vqcw
4
url VCID-y3uz-etva-sufh
vulnerability_id VCID-y3uz-etva-sufh
summary 
Improper Input Validation in Spring Framework
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5421.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5421
reference_id
reference_type
scores
0
value 0.63828
scoring_system epss
scoring_elements 0.98431
published_at 2026-04-21T12:55:00Z
1
value 0.63828
scoring_system epss
scoring_elements 0.98432
published_at 2026-04-16T12:55:00Z
2
value 0.63828
scoring_system epss
scoring_elements 0.98427
published_at 2026-04-13T12:55:00Z
3
value 0.63828
scoring_system epss
scoring_elements 0.98424
published_at 2026-04-09T12:55:00Z
4
value 0.63828
scoring_system epss
scoring_elements 0.98423
published_at 2026-04-08T12:55:00Z
5
value 0.63828
scoring_system epss
scoring_elements 0.9842
published_at 2026-04-07T12:55:00Z
6
value 0.63828
scoring_system epss
scoring_elements 0.98417
published_at 2026-04-04T12:55:00Z
7
value 0.63828
scoring_system epss
scoring_elements 0.98414
published_at 2026-04-02T12:55:00Z
8
value 0.63828
scoring_system epss
scoring_elements 0.98412
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5421
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5421
3
reference_url https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r3589ed0d18edeb79028615080d5a0e8878856436bb91774a3196d9eb@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3589ed0d18edeb79028615080d5a0e8878856436bb91774a3196d9eb@%3Ccommits.pulsar.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r503e64b43a57fd68229cac4a869d1a9a2eac9e75f8719cad3a840211@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r503e64b43a57fd68229cac4a869d1a9a2eac9e75f8719cad3a840211@%3Ccommits.pulsar.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r7e6a213eea7f04fc6d9e3bd6eb8d68c4df92a22e956e95cb2c482865@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e6a213eea7f04fc6d9e3bd6eb8d68c4df92a22e956e95cb2c482865@%3Cissues.hive.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r918caad55dcc640a16753b00d8d6acb90b4e36de4b6156d0867246ec@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r918caad55dcc640a16753b00d8d6acb90b4e36de4b6156d0867246ec@%3Ccommits.pulsar.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra889d95141059c6cbe77dd80249bb488ae53b274b5f3abad09d9511d@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra889d95141059c6cbe77dd80249bb488ae53b274b5f3abad09d9511d@%3Cuser.ignite.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/raf7ca57033e537e4f9d7df7f192fa6968c1e49409b2348e08d807ccb@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raf7ca57033e537e4f9d7df7f192fa6968c1e49409b2348e08d807ccb@%3Cuser.ignite.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb18ed999153ef0f0cb7af03efe0046c42c7242fd77fbd884a75ecfdc@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb18ed999153ef0f0cb7af03efe0046c42c7242fd77fbd884a75ecfdc@%3Ccommits.pulsar.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc9efaf6db98bee19db1bc911d0fa442287dac5cb229d4aaa08b6a13d@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc9efaf6db98bee19db1bc911d0fa442287dac5cb229d4aaa08b6a13d@%3Cissues.hive.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd462a8b0dfab4c15e67c0672cd3c211ecd0e4f018f824082ed54f665@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd462a8b0dfab4c15e67c0672cd3c211ecd0e4f018f824082ed54f665@%3Cissues.hive.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/re014a49d77f038ba70e5e9934d400af6653e8c9ac110d32b1254127e@%3Cdev.ranger.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re014a49d77f038ba70e5e9934d400af6653e8c9ac110d32b1254127e@%3Cdev.ranger.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rf00d8f4101a1c1ea4de6ea1e09ddf7472cfd306745c90d6da87ae074@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf00d8f4101a1c1ea4de6ea1e09ddf7472cfd306745c90d6da87ae074@%3Cdev.hive.apache.org%3E
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5421
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-5421
20
reference_url https://security.netapp.com/advisory/ntap-20210513-0009
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210513-0009
21
reference_url https://security.netapp.com/advisory/ntap-20210513-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210513-0009/
22
reference_url https://tanzu.vmware.com/security/cve-2020-5421
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tanzu.vmware.com/security/cve-2020-5421
23
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
24
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
25
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
26
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
27
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
28
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1881158
reference_id 1881158
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1881158
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973381
reference_id 973381
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973381
31
reference_url https://github.com/advisories/GHSA-rv39-3qh7-9v7w
reference_id GHSA-rv39-3qh7-9v7w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv39-3qh7-9v7w
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
1
url pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
2
url pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
3
url pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
4
url pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
5
url pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
6
url pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
7
url pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
8
url pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
aliases CVE-2020-5421, GHSA-rv39-3qh7-9v7w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3uz-etva-sufh
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.1.0.RELEASE