Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/io.undertow/undertow-core@1
Typemaven
Namespaceio.undertow
Nameundertow-core
Version1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.3.20.Final
Latest_non_vulnerable_version2.4.0.Beta1
Affected_by_vulnerabilities
0
url VCID-ay2f-3xcv-dqdc
vulnerability_id VCID-ay2f-3xcv-dqdc
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers
CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1838.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1838.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1839.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1839.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1840.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1840.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1841.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1841.html
4
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
5
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
6
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
7
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
reference_id
reference_type
scores
0
value 0.01476
scoring_system epss
scoring_elements 0.81
published_at 2026-04-21T12:55:00Z
1
value 0.01476
scoring_system epss
scoring_elements 0.80913
published_at 2026-04-02T12:55:00Z
2
value 0.01476
scoring_system epss
scoring_elements 0.80935
published_at 2026-04-04T12:55:00Z
3
value 0.01476
scoring_system epss
scoring_elements 0.80932
published_at 2026-04-07T12:55:00Z
4
value 0.01476
scoring_system epss
scoring_elements 0.8096
published_at 2026-04-08T12:55:00Z
5
value 0.01476
scoring_system epss
scoring_elements 0.80967
published_at 2026-04-09T12:55:00Z
6
value 0.01476
scoring_system epss
scoring_elements 0.80984
published_at 2026-04-11T12:55:00Z
7
value 0.01476
scoring_system epss
scoring_elements 0.8097
published_at 2026-04-12T12:55:00Z
8
value 0.01476
scoring_system epss
scoring_elements 0.80962
published_at 2026-04-13T12:55:00Z
9
value 0.01476
scoring_system epss
scoring_elements 0.80999
published_at 2026-04-16T12:55:00Z
10
value 0.01476
scoring_system epss
scoring_elements 0.80904
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
11
reference_url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
12
reference_url https://issues.redhat.com/browse/UNDERTOW-827
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-827
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
14
reference_url https://access.redhat.com/security/cve/CVE-2016-4993
reference_id CVE-2016-4993
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2016-4993
15
reference_url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
reference_id GHSA-qcqr-hcjq-whfq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
16
reference_url https://access.redhat.com/errata/RHSA-2016:1838
reference_id RHSA-2016:1838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1838
17
reference_url https://access.redhat.com/errata/RHSA-2016:1839
reference_id RHSA-2016:1839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1839
18
reference_url https://access.redhat.com/errata/RHSA-2016:1840
reference_id RHSA-2016:1840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1840
19
reference_url https://access.redhat.com/errata/RHSA-2016:1841
reference_id RHSA-2016:1841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1841
fixed_packages
0
url pkg:maven/io.undertow/undertow-core@1.3.5.Final
purl pkg:maven/io.undertow/undertow-core@1.3.5.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ff-vn3t-vyhy
1
vulnerability VCID-1vrj-chs2-d3ab
2
vulnerability VCID-1w4t-um5v-jkfv
3
vulnerability VCID-2cv5-9v62-kfbm
4
vulnerability VCID-2e2u-nvuu-kfbs
5
vulnerability VCID-2ez8-r9wv-53du
6
vulnerability VCID-5585-a76n-zubf
7
vulnerability VCID-62gn-nwup-8uat
8
vulnerability VCID-73st-24ck-uydb
9
vulnerability VCID-77xn-dtdn-hfa2
10
vulnerability VCID-7ec2-9kmy-77eh
11
vulnerability VCID-7yc7-e35f-8uhj
12
vulnerability VCID-93ut-2de3-ckc5
13
vulnerability VCID-9zut-79gt-1bgy
14
vulnerability VCID-bhrz-ea7j-k3bh
15
vulnerability VCID-bm42-byxp-2kb5
16
vulnerability VCID-bpuw-kn4r-6kau
17
vulnerability VCID-cf5j-2dz8-7bbu
18
vulnerability VCID-dvxb-wu3m-xuaz
19
vulnerability VCID-gsr8-1dea-effx
20
vulnerability VCID-k6c9-mckm-cyhy
21
vulnerability VCID-ns3p-22xg-q3bz
22
vulnerability VCID-p9y4-yce4-zqbk
23
vulnerability VCID-rqvc-k1jm-9kg9
24
vulnerability VCID-scjb-1mwk-rfdd
25
vulnerability VCID-sxup-wzjc-tue1
26
vulnerability VCID-urxh-sp91-kuet
27
vulnerability VCID-usz2-tufg-k7gz
28
vulnerability VCID-xftw-raz7-b7e1
29
vulnerability VCID-xme8-usmd-vqg3
30
vulnerability VCID-y5s2-w88t-8uhx
31
vulnerability VCID-ygp7-kj2w-syat
32
vulnerability VCID-yn69-8upm-7yc2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@1.3.5.Final
1
url pkg:maven/io.undertow/undertow-core@1.4.0
purl pkg:maven/io.undertow/undertow-core@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2e2u-nvuu-kfbs
1
vulnerability VCID-77xn-dtdn-hfa2
2
vulnerability VCID-y5s2-w88t-8uhx
3
vulnerability VCID-ygp7-kj2w-syat
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@1.4.0
2
url pkg:maven/io.undertow/undertow-core@2.0.1
purl pkg:maven/io.undertow/undertow-core@2.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.0.1
3
url pkg:maven/io.undertow/undertow-core@2.0.1.Final
purl pkg:maven/io.undertow/undertow-core@2.0.1.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ff-vn3t-vyhy
1
vulnerability VCID-1vrj-chs2-d3ab
2
vulnerability VCID-2cv5-9v62-kfbm
3
vulnerability VCID-2ez8-r9wv-53du
4
vulnerability VCID-4v1f-kt5y-w7d1
5
vulnerability VCID-5585-a76n-zubf
6
vulnerability VCID-62gn-nwup-8uat
7
vulnerability VCID-73st-24ck-uydb
8
vulnerability VCID-7ec2-9kmy-77eh
9
vulnerability VCID-7yc7-e35f-8uhj
10
vulnerability VCID-93ut-2de3-ckc5
11
vulnerability VCID-bhrz-ea7j-k3bh
12
vulnerability VCID-bm42-byxp-2kb5
13
vulnerability VCID-bpuw-kn4r-6kau
14
vulnerability VCID-cf5j-2dz8-7bbu
15
vulnerability VCID-dvxb-wu3m-xuaz
16
vulnerability VCID-gsr8-1dea-effx
17
vulnerability VCID-k6c9-mckm-cyhy
18
vulnerability VCID-ns3p-22xg-q3bz
19
vulnerability VCID-p9y4-yce4-zqbk
20
vulnerability VCID-rqvc-k1jm-9kg9
21
vulnerability VCID-scjb-1mwk-rfdd
22
vulnerability VCID-sxup-wzjc-tue1
23
vulnerability VCID-urxh-sp91-kuet
24
vulnerability VCID-usz2-tufg-k7gz
25
vulnerability VCID-xftw-raz7-b7e1
26
vulnerability VCID-xme8-usmd-vqg3
27
vulnerability VCID-yn69-8upm-7yc2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.0.1.Final
aliases CVE-2016-4993, GHSA-qcqr-hcjq-whfq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay2f-3xcv-dqdc
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@1