Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
Typemaven
Namespaceorg.springframework
Namespring-oxm
Version3.2.9.RELEASE
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.9.RELEASE
Latest_non_vulnerable_version5.2.9.RELEASE
Affected_by_vulnerabilities
0
url VCID-y3uz-etva-sufh
vulnerability_id VCID-y3uz-etva-sufh
summary 
Improper Input Validation in Spring Framework
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5421.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5421
reference_id
reference_type
scores
0
value 0.63828
scoring_system epss
scoring_elements 0.98431
published_at 2026-04-21T12:55:00Z
1
value 0.63828
scoring_system epss
scoring_elements 0.98432
published_at 2026-04-16T12:55:00Z
2
value 0.63828
scoring_system epss
scoring_elements 0.98427
published_at 2026-04-13T12:55:00Z
3
value 0.63828
scoring_system epss
scoring_elements 0.98424
published_at 2026-04-09T12:55:00Z
4
value 0.63828
scoring_system epss
scoring_elements 0.98423
published_at 2026-04-08T12:55:00Z
5
value 0.63828
scoring_system epss
scoring_elements 0.9842
published_at 2026-04-07T12:55:00Z
6
value 0.63828
scoring_system epss
scoring_elements 0.98417
published_at 2026-04-04T12:55:00Z
7
value 0.63828
scoring_system epss
scoring_elements 0.98414
published_at 2026-04-02T12:55:00Z
8
value 0.63828
scoring_system epss
scoring_elements 0.98412
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5421
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5421
3
reference_url https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1eccdbd7986618a7319ee7a533bd9d9bf6e8678e59dd4cca9b5b2d7a@%3Cissues.ambari.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r3589ed0d18edeb79028615080d5a0e8878856436bb91774a3196d9eb@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3589ed0d18edeb79028615080d5a0e8878856436bb91774a3196d9eb@%3Ccommits.pulsar.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r503e64b43a57fd68229cac4a869d1a9a2eac9e75f8719cad3a840211@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r503e64b43a57fd68229cac4a869d1a9a2eac9e75f8719cad3a840211@%3Ccommits.pulsar.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c95eff679dfc642e9e4ab5ac6d202248a59cb1e9457cfbe8b729ac5@%3Cissues.ambari.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r7e6a213eea7f04fc6d9e3bd6eb8d68c4df92a22e956e95cb2c482865@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e6a213eea7f04fc6d9e3bd6eb8d68c4df92a22e956e95cb2c482865@%3Cissues.hive.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8b496b1743d128e6861ee0ed3c3c48cc56c505b38f84fa5baf7ae33a@%3Cdev.ambari.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r918caad55dcc640a16753b00d8d6acb90b4e36de4b6156d0867246ec@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r918caad55dcc640a16753b00d8d6acb90b4e36de4b6156d0867246ec@%3Ccommits.pulsar.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9f13cccb214495e14648d2c9b8f2c6072fd5219e74502dd35ede81e1@%3Cdev.ambari.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra889d95141059c6cbe77dd80249bb488ae53b274b5f3abad09d9511d@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra889d95141059c6cbe77dd80249bb488ae53b274b5f3abad09d9511d@%3Cuser.ignite.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/raf7ca57033e537e4f9d7df7f192fa6968c1e49409b2348e08d807ccb@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raf7ca57033e537e4f9d7df7f192fa6968c1e49409b2348e08d807ccb@%3Cuser.ignite.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb18ed999153ef0f0cb7af03efe0046c42c7242fd77fbd884a75ecfdc@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb18ed999153ef0f0cb7af03efe0046c42c7242fd77fbd884a75ecfdc@%3Ccommits.pulsar.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc9efaf6db98bee19db1bc911d0fa442287dac5cb229d4aaa08b6a13d@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc9efaf6db98bee19db1bc911d0fa442287dac5cb229d4aaa08b6a13d@%3Cissues.hive.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd462a8b0dfab4c15e67c0672cd3c211ecd0e4f018f824082ed54f665@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd462a8b0dfab4c15e67c0672cd3c211ecd0e4f018f824082ed54f665@%3Cissues.hive.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/re014a49d77f038ba70e5e9934d400af6653e8c9ac110d32b1254127e@%3Cdev.ranger.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re014a49d77f038ba70e5e9934d400af6653e8c9ac110d32b1254127e@%3Cdev.ranger.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rf00d8f4101a1c1ea4de6ea1e09ddf7472cfd306745c90d6da87ae074@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf00d8f4101a1c1ea4de6ea1e09ddf7472cfd306745c90d6da87ae074@%3Cdev.hive.apache.org%3E
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5421
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-5421
20
reference_url https://security.netapp.com/advisory/ntap-20210513-0009
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210513-0009
21
reference_url https://security.netapp.com/advisory/ntap-20210513-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210513-0009/
22
reference_url https://tanzu.vmware.com/security/cve-2020-5421
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tanzu.vmware.com/security/cve-2020-5421
23
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
24
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
25
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
26
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
27
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
28
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1881158
reference_id 1881158
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1881158
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973381
reference_id 973381
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973381
31
reference_url https://github.com/advisories/GHSA-rv39-3qh7-9v7w
reference_id GHSA-rv39-3qh7-9v7w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv39-3qh7-9v7w
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE
1
url pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.3.28.RELEASE
2
url pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.3.29.RELEASE
3
url pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.0.18.RELEASE
4
url pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.0.19.RELEASE
5
url pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.1.17.RELEASE
6
url pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.1.18.RELEASE
7
url pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.2.8.RELEASE
8
url pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@5.2.9.RELEASE
aliases CVE-2020-5421, GHSA-rv39-3qh7-9v7w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3uz-etva-sufh
Fixing_vulnerabilities
0
url VCID-r384-aque-vqcw
vulnerability_id VCID-r384-aque-vqcw
summary When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0225.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0225
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.46438
published_at 2026-04-01T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46508
published_at 2026-04-21T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46561
published_at 2026-04-18T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.46563
published_at 2026-04-16T12:55:00Z
4
value 0.00236
scoring_system epss
scoring_elements 0.46506
published_at 2026-04-13T12:55:00Z
5
value 0.00236
scoring_system epss
scoring_elements 0.46497
published_at 2026-04-12T12:55:00Z
6
value 0.00236
scoring_system epss
scoring_elements 0.46526
published_at 2026-04-11T12:55:00Z
7
value 0.00236
scoring_system epss
scoring_elements 0.46502
published_at 2026-04-09T12:55:00Z
8
value 0.00236
scoring_system epss
scoring_elements 0.46447
published_at 2026-04-07T12:55:00Z
9
value 0.00236
scoring_system epss
scoring_elements 0.46498
published_at 2026-04-04T12:55:00Z
10
value 0.00236
scoring_system epss
scoring_elements 0.46478
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0225
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0225
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0225
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0225
4
reference_url https://github.com/spring-projects/spring-framework/commit/44ee51a6c9c3734b3fcf9a20817117e86047d753
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/44ee51a6c9c3734b3fcf9a20817117e86047d753
5
reference_url https://github.com/spring-projects/spring-framework/commit/8e096aeef55287dc829484996c9330cf755891a1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/8e096aeef55287dc829484996c9330cf755891a1
6
reference_url https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/c6503ebbf7c9e21ff022c58706dbac5417b2b5eb
7
reference_url https://jira.spring.io/browse/SPR-11768
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-11768
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1110110
reference_id 1110110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1110110
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753470
reference_id 753470
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753470
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0225
reference_id CVE-2014-0225
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0225
11
reference_url https://pivotal.io/security/cve-2014-0225
reference_id CVE-2014-0225
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pivotal.io/security/cve-2014-0225
12
reference_url http://www.gopivotal.com/security/cve-2014-0225
reference_id CVE-2014-0225
reference_type
scores
url http://www.gopivotal.com/security/cve-2014-0225
13
reference_url https://github.com/advisories/GHSA-f93f-g33r-8pcp
reference_id GHSA-f93f-g33r-8pcp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f93f-g33r-8pcp
14
reference_url https://access.redhat.com/errata/RHSA-2014:1351
reference_id RHSA-2014:1351
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1351
15
reference_url https://usn.ubuntu.com/USN-4774-1/
reference_id USN-USN-4774-1
reference_type
scores
url https://usn.ubuntu.com/USN-4774-1/
fixed_packages
0
url pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
purl pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE
1
url pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
purl pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y3uz-etva-sufh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@4.0.5.RELEASE
aliases CVE-2014-0225, GHSA-f93f-g33r-8pcp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r384-aque-vqcw
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-oxm@3.2.9.RELEASE