Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.hibernate/hibernate-validator@4.2.0.CR1
Type maven
Namespace org.hibernate
Name hibernate-validator
Version 4.2.0.CR1
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 6.2.0.Final
Latest_non_vulnerable_version 7.0.0.CR1
Affected_by_vulnerabilities
0
url VCID-5e9m-sekg-73a5
vulnerability_id VCID-5e9m-sekg-73a5
summary ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1285.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1285.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1286.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1286.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1287.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1287.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1288.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1288.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0125.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0125.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3558.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3558.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3558
reference_id
reference_type
scores
0
value 0.00532
scoring_system epss
scoring_elements 0.67288
published_at 2026-04-13T12:55:00Z
1
value 0.00532
scoring_system epss
scoring_elements 0.67213
published_at 2026-04-01T12:55:00Z
2
value 0.00532
scoring_system epss
scoring_elements 0.6725
published_at 2026-04-02T12:55:00Z
3
value 0.00532
scoring_system epss
scoring_elements 0.67274
published_at 2026-04-04T12:55:00Z
4
value 0.00532
scoring_system epss
scoring_elements 0.67251
published_at 2026-04-07T12:55:00Z
5
value 0.00532
scoring_system epss
scoring_elements 0.67303
published_at 2026-04-08T12:55:00Z
6
value 0.00532
scoring_system epss
scoring_elements 0.67316
published_at 2026-04-09T12:55:00Z
7
value 0.00532
scoring_system epss
scoring_elements 0.67336
published_at 2026-04-11T12:55:00Z
8
value 0.00532
scoring_system epss
scoring_elements 0.67323
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3558
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3558
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3558
9
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
10
reference_url https://github.com/hibernate/hibernate-validator/commit/2c95d4ea0ef20977be249e31a4a4f4f4f71c945d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/2c95d4ea0ef20977be249e31a4a4f4f4f71c945d
11
reference_url https://github.com/hibernate/hibernate-validator/commit/67fdff14831c035c25e098fe14bd86523d17f726
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/67fdff14831c035c25e098fe14bd86523d17f726
12
reference_url https://github.com/hibernate/hibernate-validator/commit/7e7131939a4361a7cad3e77ab89a8462132c561c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/7e7131939a4361a7cad3e77ab89a8462132c561c
13
reference_url https://github.com/hibernate/hibernate-validator/commit/c489416f699a46859c134796b3ccfea41ef3ce52
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/c489416f699a46859c134796b3ccfea41ef3ce52
14
reference_url https://github.com/hibernate/hibernate-validator/commit/c9525ca544b1281e2b7c7347e86e87c86dc1dc6e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/c9525ca544b1281e2b7c7347e86e87c86dc1dc6e
15
reference_url https://github.com/hibernate/hibernate-validator/commit/e8c42b689df8c6752d635d02c6518da3fece3870
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/e8c42b689df8c6752d635d02c6518da3fece3870
16
reference_url https://github.com/hibernate/hibernate-validator/commit/f97c2021a03c825abdeca1692f5be51e77e76a8f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/f97c2021a03c825abdeca1692f5be51e77e76a8f
17
reference_url https://github.com/hibernate/hibernate-validator/commit/fd4eaed7fb930db6a5e4c03742b4b3adcfecc90e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/fd4eaed7fb930db6a5e4c03742b4b3adcfecc90e
18
reference_url https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml
19
reference_url https://hibernate.atlassian.net/browse/HV-912
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hibernate.atlassian.net/browse/HV-912
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3558
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3558
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120495
reference_id 1120495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120495
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762690
reference_id 762690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762690
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.1.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta1:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:beta2:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:cr1:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:4.2.0:cr1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:4.2.0:cr1:*:*:*:*:*:*
29
reference_url https://bugzilla.redhat.com/CVE-2014-3558
reference_id CVE-2014-3558
reference_type
scores
url https://bugzilla.redhat.com/CVE-2014-3558
30
reference_url https://github.com/advisories/GHSA-845h-985r-jrqh
reference_id GHSA-845h-985r-jrqh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-845h-985r-jrqh
31
reference_url https://access.redhat.com/errata/RHSA-2014:1285
reference_id RHSA-2014:1285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1285
32
reference_url https://access.redhat.com/errata/RHSA-2014:1286
reference_id RHSA-2014:1286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1286
33
reference_url https://access.redhat.com/errata/RHSA-2014:1287
reference_id RHSA-2014:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1287
34
reference_url https://access.redhat.com/errata/RHSA-2014:1288
reference_id RHSA-2014:1288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1288
35
reference_url https://access.redhat.com/errata/RHSA-2015:0125
reference_id RHSA-2015:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0125
36
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
37
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
38
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
fixed_packages
0
url pkg:maven/org.hibernate/hibernate-validator@4.2.1
purl pkg:maven/org.hibernate/hibernate-validator@4.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@4.2.1
1
url pkg:maven/org.hibernate/hibernate-validator@4.3.2
purl pkg:maven/org.hibernate/hibernate-validator@4.3.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@4.3.2
2
url pkg:maven/org.hibernate/hibernate-validator@4.3.2.Final
purl pkg:maven/org.hibernate/hibernate-validator@4.3.2.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gghq-w7r9-57hs
1
vulnerability VCID-gvv3-4r9v-7kau
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@4.3.2.Final
3
url pkg:maven/org.hibernate/hibernate-validator@5.1.2
purl pkg:maven/org.hibernate/hibernate-validator@5.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@5.1.2
4
url pkg:maven/org.hibernate/hibernate-validator@5.2.1.Final
purl pkg:maven/org.hibernate/hibernate-validator@5.2.1.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gghq-w7r9-57hs
1
vulnerability VCID-gvv3-4r9v-7kau
2
vulnerability VCID-pd7m-bhqf-kkge
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@5.2.1.Final
aliases CVE-2014-3558, GHSA-845h-985r-jrqh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5e9m-sekg-73a5
1
url VCID-gghq-w7r9-57hs
vulnerability_id VCID-gghq-w7r9-57hs
summary
hibernate-validator Cross-site Scripting vulnerability
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render invalid HTML, allowing HTML injection or Cross-Site-Scripting (XSS) attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1932.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1932.json
1
reference_url https://access.redhat.com/security/cve/CVE-2023-1932
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:09:13Z/
url https://access.redhat.com/security/cve/CVE-2023-1932
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1932
reference_id
reference_type
scores
0
value 0.00846
scoring_system epss
scoring_elements 0.7486
published_at 2026-04-16T12:55:00Z
1
value 0.00846
scoring_system epss
scoring_elements 0.74783
published_at 2026-04-02T12:55:00Z
2
value 0.00846
scoring_system epss
scoring_elements 0.74811
published_at 2026-04-04T12:55:00Z
3
value 0.00846
scoring_system epss
scoring_elements 0.74784
published_at 2026-04-07T12:55:00Z
4
value 0.00846
scoring_system epss
scoring_elements 0.74817
published_at 2026-04-08T12:55:00Z
5
value 0.00846
scoring_system epss
scoring_elements 0.74831
published_at 2026-04-09T12:55:00Z
6
value 0.00846
scoring_system epss
scoring_elements 0.74855
published_at 2026-04-11T12:55:00Z
7
value 0.00846
scoring_system epss
scoring_elements 0.74834
published_at 2026-04-12T12:55:00Z
8
value 0.00846
scoring_system epss
scoring_elements 0.74824
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1932
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1809444
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:09:13Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1809444
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1932
5
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1932
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1932
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063540
reference_id 1063540
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063540
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_broker:7
reference_id cpe:/a:redhat:amq_broker:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_broker:7
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:a_mq_clients:2
reference_id cpe:/a:redhat:a_mq_clients:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:a_mq_clients:2
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_online:1
reference_id cpe:/a:redhat:amq_online:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_online:1
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
reference_id cpe:/a:redhat:amq_streams:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:2
reference_id cpe:/a:redhat:cryostat:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:2
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_virtualization:6
reference_id cpe:/a:redhat:jboss_data_virtualization:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_virtualization:6
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_developer_studio:12.
reference_id cpe:/a:redhat:jboss_developer_studio:12.
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_developer_studio:12.
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:5
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_cd
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_cd
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_cd
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:6
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:6
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:5
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_soa_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_soa_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_soa_platform:5
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
reference_id cpe:/a:redhat:jboss_fuse:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
reference_id cpe:/a:redhat:jboss_fuse_service_works:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_operations_network:3
reference_id cpe:/a:redhat:jboss_operations_network:3
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_operations_network:3
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
reference_id cpe:/a:redhat:openshift_application_runtimes:1.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:10
reference_id cpe:/a:redhat:openstack:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:10
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13
reference_id cpe:/a:redhat:openstack:13
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
reference_id cpe:/a:redhat:satellite:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
35
reference_url https://github.com/advisories/GHSA-x83m-pf6f-pf9g
reference_id GHSA-x83m-pf6f-pf9g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x83m-pf6f-pf9g
fixed_packages
0
url pkg:maven/org.hibernate/hibernate-validator@6.2.0.Final
purl pkg:maven/org.hibernate/hibernate-validator@6.2.0.Final
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@6.2.0.Final
aliases CVE-2023-1932, GHSA-x83m-pf6f-pf9g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gghq-w7r9-57hs
2
url VCID-gvv3-4r9v-7kau
vulnerability_id VCID-gvv3-4r9v-7kau
summary
Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending on how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as of 6.2.0 and 7.0.0 no longer interpolates custom constraint violation messages with Expression Language and strongly recommends not allowing user-supplied input in constraint violation messages. CVE-2020-5245 and CVE-2025-4428 are examples of related, downstream vulnerabilities involving Expression Language interpolation of user-supplied data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
reference_id
reference_type
scores
0
value 0.01693
scoring_system epss
scoring_elements 0.8229
published_at 2026-04-16T12:55:00Z
1
value 0.01693
scoring_system epss
scoring_elements 0.82253
published_at 2026-04-13T12:55:00Z
2
value 0.01693
scoring_system epss
scoring_elements 0.82259
published_at 2026-04-12T12:55:00Z
3
value 0.01693
scoring_system epss
scoring_elements 0.82196
published_at 2026-04-02T12:55:00Z
4
value 0.01693
scoring_system epss
scoring_elements 0.82266
published_at 2026-04-11T12:55:00Z
5
value 0.01693
scoring_system epss
scoring_elements 0.82246
published_at 2026-04-09T12:55:00Z
6
value 0.01693
scoring_system epss
scoring_elements 0.82239
published_at 2026-04-08T12:55:00Z
7
value 0.01693
scoring_system epss
scoring_elements 0.82212
published_at 2026-04-07T12:55:00Z
8
value 0.01693
scoring_system epss
scoring_elements 0.82217
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
3
reference_url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
4
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
5
reference_url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
6
reference_url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
7
reference_url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
8
reference_url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
9
reference_url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
10
reference_url https://github.com/hibernate/hibernate-validator/pull/1138
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/pull/1138
11
reference_url https://hibernate.atlassian.net/browse/HV-1816
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://hibernate.atlassian.net/browse/HV-1816
12
reference_url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
13
reference_url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
14
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
16
reference_url https://www.cve.org/CVERecord?id=CVE-2020-5245
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://www.cve.org/CVERecord?id=CVE-2020-5245
17
reference_url https://www.cve.org/CVERecord?id=CVE-2025-4428
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://www.cve.org/CVERecord?id=CVE-2025-4428
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
reference_id 1107517
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
reference_id 1107518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
reference_id 2370118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
21
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
reference_id expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
22
reference_url https://github.com/advisories/GHSA-7v6m-28jr-rg84
reference_id GHSA-7v6m-28jr-rg84
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7v6m-28jr-rg84
23
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
fixed_packages
0
url pkg:maven/org.hibernate/hibernate-validator@6.2.0.CR1
purl pkg:maven/org.hibernate/hibernate-validator@6.2.0.CR1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gghq-w7r9-57hs
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@6.2.0.CR1
1
url pkg:maven/org.hibernate/hibernate-validator@7.0.0.CR1
purl pkg:maven/org.hibernate/hibernate-validator@7.0.0.CR1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@7.0.0.CR1
aliases CVE-2025-35036, GHSA-7v6m-28jr-rg84
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gvv3-4r9v-7kau
Fixing_vulnerabilities
Risk_score 3.3
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate/hibernate-validator@4.2.0.CR1