Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7?arch=el7
Typerpm
Namespaceredhat
Nameeap7-wildfly
Version7.0.9-4.GA_redhat_3.1.ep7
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1ppw-bka2-qbdy
vulnerability_id VCID-1ppw-bka2-qbdy
summary jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12189.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12189.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12189
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15641
published_at 2026-06-04T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15721
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12189
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499631
reference_id 1499631
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499631
fixed_packages
aliases CVE-2017-12189
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ppw-bka2-qbdy
1
url VCID-k2d4-d6dd-wkb9
vulnerability_id VCID-k2d4-d6dd-wkb9
summary EAP-7: Wrong privileges on multiple property files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12167.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12167
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16411
published_at 2026-06-04T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16493
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12167
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1491612
reference_id 1491612
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1491612
fixed_packages
aliases CVE-2017-12167
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2d4-d6dd-wkb9
2
url VCID-kbwr-xd1h-sbbs
vulnerability_id VCID-kbwr-xd1h-sbbs
summary 
Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0002
1
reference_url https://access.redhat.com/errata/RHSA-2018:0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0003
2
reference_url https://access.redhat.com/errata/RHSA-2018:0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0004
3
reference_url https://access.redhat.com/errata/RHSA-2018:0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0005
4
reference_url https://access.redhat.com/errata/RHSA-2018:0478
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0478
5
reference_url https://access.redhat.com/errata/RHSA-2018:0479
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0479
6
reference_url https://access.redhat.com/errata/RHSA-2018:0480
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0480
7
reference_url https://access.redhat.com/errata/RHSA-2018:0481
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0481
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7561.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7561.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7561
reference_id
reference_type
scores
0
value 0.01074
scoring_system epss
scoring_elements 0.78138
published_at 2026-06-05T12:55:00Z
1
value 0.01074
scoring_system epss
scoring_elements 0.78112
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7561
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7561
11
reference_url https://github.com/resteasy/Resteasy
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/Resteasy
12
reference_url https://issues.jboss.org/browse/RESTEASY-1704
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/RESTEASY-1704
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1483823
reference_id 1483823
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1483823
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873392
reference_id 873392
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873392
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908836
reference_id 908836
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908836
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7561
reference_id CVE-2017-7561
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7561
17
reference_url https://github.com/advisories/GHSA-57q5-x8jf-g7h8
reference_id GHSA-57q5-x8jf-g7h8
reference_type
scores
url https://github.com/advisories/GHSA-57q5-x8jf-g7h8
fixed_packages
aliases CVE-2017-7561, GHSA-57q5-x8jf-g7h8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbwr-xd1h-sbbs
3
url VCID-pj5d-vfar-q7ac
vulnerability_id VCID-pj5d-vfar-q7ac
summary 
Uncontrolled Resource Consumption
RESTEasy enables `GZIPInterceptor`, which allows remote attackers to cause a denial of service via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6346.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6346.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6346
reference_id
reference_type
scores
0
value 0.01184
scoring_system epss
scoring_elements 0.79142
published_at 2026-06-05T12:55:00Z
1
value 0.01184
scoring_system epss
scoring_elements 0.79116
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6346
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1372120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1372120
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6346
4
reference_url https://github.com/resteasy/Resteasy
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/Resteasy
5
reference_url https://github.com/resteasy/resteasy/pull/1303
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/resteasy/resteasy/pull/1303
6
reference_url https://issues.jboss.org/browse/JBEAP-11180
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/JBEAP-11180
7
reference_url http://www.securityfocus.com/bid/92744
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92744
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170
reference_id 837170
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6346
reference_id CVE-2016-6346
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6346
10
reference_url https://access.redhat.com/errata/RHSA-2017:0517
reference_id RHSA-2017:0517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0517
11
reference_url https://access.redhat.com/errata/RHSA-2017:0826
reference_id RHSA-2017:0826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0826
12
reference_url https://access.redhat.com/errata/RHSA-2017:0827
reference_id RHSA-2017:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0827
13
reference_url https://access.redhat.com/errata/RHSA-2017:0828
reference_id RHSA-2017:0828
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0828
14
reference_url https://access.redhat.com/errata/RHSA-2017:0829
reference_id RHSA-2017:0829
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0829
15
reference_url https://usn.ubuntu.com/7630-1/
reference_id USN-7630-1
reference_type
scores
url https://usn.ubuntu.com/7630-1/
fixed_packages
aliases CVE-2016-6346, GHSA-wxvr-vqfp-9cqw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pj5d-vfar-q7ac
4
url VCID-pkzf-4u9a-c3hq
vulnerability_id VCID-pkzf-4u9a-c3hq
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
Invalid characters are allowed in query strings and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7559.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7559.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7559
reference_id
reference_type
scores
0
value 0.01128
scoring_system epss
scoring_elements 0.78671
published_at 2026-06-05T12:55:00Z
1
value 0.01128
scoring_system epss
scoring_elements 0.78644
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7559
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7559
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7559
3
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
4
reference_url https://issues.jboss.org/browse/UNDERTOW-1251
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/UNDERTOW-1251
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1481665
reference_id 1481665
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1481665
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885576
reference_id 885576
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885576
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7559
reference_id CVE-2017-7559
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7559
8
reference_url https://github.com/advisories/GHSA-rj76-h87p-r3wf
reference_id GHSA-rj76-h87p-r3wf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rj76-h87p-r3wf
fixed_packages
aliases CVE-2017-7559, GHSA-rj76-h87p-r3wf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkzf-4u9a-c3hq
5
url VCID-vwcx-hrtg-pygs
vulnerability_id VCID-vwcx-hrtg-pygs
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12165.json
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12165.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12165
reference_id
reference_type
scores
0
value 0.01096
scoring_system epss
scoring_elements 0.78369
published_at 2026-06-05T12:55:00Z
1
value 0.01096
scoring_system epss
scoring_elements 0.78343
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12165
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165
3
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
4
reference_url https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
5
reference_url https://github.com/undertow-io/undertow/commit/5b008b7ac312c6cdb76679ff58c43620bb79d44f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/5b008b7ac312c6cdb76679ff58c43620bb79d44f
6
reference_url https://github.com/undertow-io/undertow/commit/691440ee58259fba76711b60d56dde6679808bdc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/691440ee58259fba76711b60d56dde6679808bdc
7
reference_url https://issues.redhat.com/browse/UNDERTOW-1251
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-1251
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490301
reference_id 1490301
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490301
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338
reference_id 885338
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12165
reference_id CVE-2017-12165
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12165
11
reference_url https://github.com/advisories/GHSA-5gg7-5wv8-4gcj
reference_id GHSA-5gg7-5wv8-4gcj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5gg7-5wv8-4gcj
fixed_packages
aliases CVE-2017-12165, GHSA-5gg7-5wv8-4gcj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vwcx-hrtg-pygs
6
url VCID-zseq-ezs2-wbhu
vulnerability_id VCID-zseq-ezs2-wbhu
summary Remote code execution is possible in Apache Solr.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E
1
reference_url http://openwall.com/lists/oss-security/2017/10/13/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2017/10/13/1
2
reference_url https://access.redhat.com/errata/RHSA-2017:3123
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3123
3
reference_url https://access.redhat.com/errata/RHSA-2017:3124
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3124
4
reference_url https://access.redhat.com/errata/RHSA-2017:3244
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3244
5
reference_url https://access.redhat.com/errata/RHSA-2017:3451
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3451
6
reference_url https://access.redhat.com/errata/RHSA-2017:3452
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3452
7
reference_url https://access.redhat.com/errata/RHSA-2018:0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0002
8
reference_url https://access.redhat.com/errata/RHSA-2018:0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0003
9
reference_url https://access.redhat.com/errata/RHSA-2018:0004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0004
10
reference_url https://access.redhat.com/errata/RHSA-2018:0005
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0005
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12629
reference_id
reference_type
scores
0
value 0.93891
scoring_system epss
scoring_elements 0.99884
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12629
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
15
reference_url https://github.com/advisories/GHSA-mh7g-99w9-xpjm
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mh7g-99w9-xpjm
16
reference_url https://github.com/apache/lucene
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene
17
reference_url https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2
18
reference_url https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc
19
reference_url https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a
20
reference_url https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1
21
reference_url https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268
22
reference_url https://github.com/AsyncHttpClient/async-http-client/issues/1455
reference_id
reference_type
scores
url https://github.com/AsyncHttpClient/async-http-client/issues/1455
23
reference_url https://issues.apache.org/jira/browse/SOLR-11477
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-11477
24
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
28
reference_url https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html
29
reference_url https://s.apache.org/FJDl
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://s.apache.org/FJDl
30
reference_url https://twitter.com/ApacheSolr/status/918731485611401216
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/ApacheSolr/status/918731485611401216
31
reference_url https://twitter.com/joshbressers/status/919258716297420802
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/joshbressers/status/919258716297420802
32
reference_url https://twitter.com/searchtools_avi/status/918904813613543424
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/searchtools_avi/status/918904813613543424
33
reference_url https://usn.ubuntu.com/4259-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4259-1
34
reference_url https://www.debian.org/security/2018/dsa-4124
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4124
35
reference_url https://www.exploit-db.com/exploits/43009
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43009
36
reference_url https://www.exploit-db.com/exploits/43009/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43009/
37
reference_url http://www.securityfocus.com/bid/101261
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101261
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1501529
reference_id 1501529
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1501529
39
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt
reference_id CVE-2017-12629
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12629
reference_id CVE-2017-12629
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12629
41
reference_url http://www.cvedetails.com/cve/CVE-2017-12629/
reference_id CVE-2017-12629
reference_type
scores
url http://www.cvedetails.com/cve/CVE-2017-12629/
42
reference_url https://access.redhat.com/errata/RHSA-2020:2561
reference_id RHSA-2020:2561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2561
43
reference_url https://access.redhat.com/errata/RHSA-2023:1334
reference_id RHSA-2023:1334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1334
44
reference_url https://usn.ubuntu.com/4259-1/
reference_id USN-4259-1
reference_type
scores
url https://usn.ubuntu.com/4259-1/
fixed_packages
aliases CVE-2017-12629, GHSA-mh7g-99w9-xpjm
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zseq-ezs2-wbhu
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7%3Farch=el7