Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jboss-as-jmx@7.4.2-3.Final_redhat_2.1.ep6?arch=el7

Type rpm

Namespace redhat

Name jboss-as-jmx

Version 7.4.2-3.Final_redhat_2.1.ep6

Qualifiers

arch	el7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-tbp1-77hh-rffk

vulnerability_id

VCID-tbp1-77hh-rffk

summary

Uncontrolled Resource Consumption
`XMLscanner.java` allows remote attackers to cause a denial of service via vectors related to XML attribute names.

references

reference_url

http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html

reference_url

http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html

reference_url

http://marc.info/?l=bugtraq&m=138674031212883&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=138674031212883&w=2

reference_url

http://marc.info/?l=bugtraq&m=138674073720143&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=138674073720143&w=2

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1059.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1059.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1060.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1060.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1081.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1081.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1440.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1440.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1447.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1447.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1451.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1451.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1505.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1505.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1818.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-1818.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1821.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-1821.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1822.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-1822.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-1823.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-1823.html

reference_url

http://rhn.redhat.com/errata/RHSA-2015-0675.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-0675.html

reference_url

http://rhn.redhat.com/errata/RHSA-2015-0720.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-0720.html

reference_url

http://rhn.redhat.com/errata/RHSA-2015-0765.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-0765.html

reference_url

http://rhn.redhat.com/errata/RHSA-2015-0773.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-0773.html

reference_url

https://access.redhat.com/errata/RHSA-2014:0414

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2014:0414

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4002.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4002.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4002

reference_id

reference_type

scores

value	0.08028
scoring_system	epss
scoring_elements	0.92258
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4002

reference_url

http://security.gentoo.org/glsa/glsa-201406-32.xml

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://security.gentoo.org/glsa/glsa-201406-32.xml

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/85260

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/85260

reference_url

https://github.com/apache/xerces2-j

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/xerces2-j

reference_url

https://github.com/apache/xerces2-j/commit/266e837852e0f0e3c8c1ad572b6fc4dbb4ded17

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/xerces2-j/commit/266e837852e0f0e3c8c1ad572b6fc4dbb4ded17

reference_url	https://github.com/apache/xerces2-j/commit/628cbc7142ef9acfb61b8e571aab63504235849
reference_id
reference_type
scores
url	https://github.com/apache/xerces2-j/commit/628cbc7142ef9acfb61b8e571aab63504235849

reference_url

https://issues.apache.org/jira/browse/XERCESJ-1679

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/XERCESJ-1679

reference_url

https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-4002

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-4002

reference_url

http://support.apple.com/kb/HT5982

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://support.apple.com/kb/HT5982

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1499506
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1499506

reference_url

http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21644197

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21644197

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21653371

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21653371

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21657539

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21657539

reference_url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html

reference_url

http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002

reference_url

http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013

reference_url

http://www.ibm.com/support/docview.wss?uid=swg21648172

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ibm.com/support/docview.wss?uid=swg21648172

reference_url

http://www.ubuntu.com/usn/USN-2033-1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-2033-1

reference_url

http://www.ubuntu.com/usn/USN-2089-1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-2089-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1019176
reference_id	1019176
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1019176

reference_url	https://bugzilla.redhat.com/CVE-2013-4002
reference_id	CVE-2013-4002
reference_type
scores
url	https://bugzilla.redhat.com/CVE-2013-4002

reference_url	https://security.gentoo.org/glsa/201406-32
reference_id	GLSA-201406-32
reference_type
scores
url	https://security.gentoo.org/glsa/201406-32

reference_url	https://access.redhat.com/errata/RHSA-2013:1059
reference_id	RHSA-2013:1059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1059

reference_url	https://access.redhat.com/errata/RHSA-2013:1060
reference_id	RHSA-2013:1060
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1060

reference_url	https://access.redhat.com/errata/RHSA-2013:1081
reference_id	RHSA-2013:1081
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1081

reference_url	https://access.redhat.com/errata/RHSA-2013:1440
reference_id	RHSA-2013:1440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1440

reference_url	https://access.redhat.com/errata/RHSA-2013:1447
reference_id	RHSA-2013:1447
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1447

reference_url	https://access.redhat.com/errata/RHSA-2013:1451
reference_id	RHSA-2013:1451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1451

reference_url	https://access.redhat.com/errata/RHSA-2013:1505
reference_id	RHSA-2013:1505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1505

reference_url	https://access.redhat.com/errata/RHSA-2014:1319
reference_id	RHSA-2014:1319
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1319

reference_url	https://access.redhat.com/errata/RHSA-2014:1818
reference_id	RHSA-2014:1818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1818

reference_url	https://access.redhat.com/errata/RHSA-2014:1821
reference_id	RHSA-2014:1821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1821

reference_url	https://access.redhat.com/errata/RHSA-2014:1822
reference_id	RHSA-2014:1822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1822

reference_url	https://access.redhat.com/errata/RHSA-2014:1823
reference_id	RHSA-2014:1823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1823

reference_url	https://access.redhat.com/errata/RHSA-2015:0234
reference_id	RHSA-2015:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0234

reference_url	https://access.redhat.com/errata/RHSA-2015:0235
reference_id	RHSA-2015:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0235

reference_url	https://access.redhat.com/errata/RHSA-2015:0269
reference_id	RHSA-2015:0269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0269

reference_url	https://access.redhat.com/errata/RHSA-2015:0675
reference_id	RHSA-2015:0675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0675

reference_url	https://access.redhat.com/errata/RHSA-2015:0720
reference_id	RHSA-2015:0720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0720

reference_url	https://access.redhat.com/errata/RHSA-2015:0765
reference_id	RHSA-2015:0765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0765

reference_url	https://access.redhat.com/errata/RHSA-2015:0773
reference_id	RHSA-2015:0773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0773

fixed_packages

aliases

CVE-2013-4002, GHSA-7j4h-8wpf-rqfh

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-tbp1-77hh-rffk

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-as-jmx@7.4.2-3.Final_redhat_2.1.ep6%3Farch=el7

Package Instance