Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.wildfly.core/wildfly-server@3.1.0.Final
Typemaven
Namespaceorg.wildfly.core
Namewildfly-server
Version3.1.0.Final
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version16.0.1.Final
Latest_non_vulnerable_version28.0.0.Beta2
Affected_by_vulnerabilities
0
url VCID-f4hk-8zp4-9fd3
vulnerability_id VCID-f4hk-8zp4-9fd3
summary WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2276
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2276
1
reference_url https://access.redhat.com/errata/RHSA-2018:2277
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2277
2
reference_url https://access.redhat.com/errata/RHSA-2018:2279
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2279
3
reference_url https://access.redhat.com/errata/RHSA-2018:2423
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2423
4
reference_url https://access.redhat.com/errata/RHSA-2018:2424
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2424
5
reference_url https://access.redhat.com/errata/RHSA-2018:2425
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2425
6
reference_url https://access.redhat.com/errata/RHSA-2018:2428
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2428
7
reference_url https://access.redhat.com/errata/RHSA-2018:2643
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2643
8
reference_url https://access.redhat.com/errata/RHSA-2019:0877
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0877
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10862.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10862.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10862
reference_id
reference_type
scores
0
value 0.00297
scoring_system epss
scoring_elements 0.53171
published_at 2026-04-16T12:55:00Z
1
value 0.00297
scoring_system epss
scoring_elements 0.531
published_at 2026-04-04T12:55:00Z
2
value 0.00297
scoring_system epss
scoring_elements 0.53069
published_at 2026-04-07T12:55:00Z
3
value 0.00297
scoring_system epss
scoring_elements 0.53119
published_at 2026-04-08T12:55:00Z
4
value 0.00297
scoring_system epss
scoring_elements 0.53114
published_at 2026-04-09T12:55:00Z
5
value 0.00297
scoring_system epss
scoring_elements 0.53164
published_at 2026-04-11T12:55:00Z
6
value 0.00297
scoring_system epss
scoring_elements 0.53148
published_at 2026-04-12T12:55:00Z
7
value 0.00297
scoring_system epss
scoring_elements 0.53132
published_at 2026-04-13T12:55:00Z
8
value 0.00297
scoring_system epss
scoring_elements 0.53048
published_at 2026-04-01T12:55:00Z
9
value 0.00297
scoring_system epss
scoring_elements 0.53076
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10862
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10862
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10862
12
reference_url https://github.com/wildfly/wildfly-core/commit/40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb
reference_id
reference_type
scores
url https://github.com/wildfly/wildfly-core/commit/40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb
13
reference_url https://snyk.io/research/zip-slip-vulnerability
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/research/zip-slip-vulnerability
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1593527
reference_id 1593527
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1593527
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10862
reference_id CVE-2018-10862
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10862
16
reference_url https://github.com/advisories/GHSA-w8r2-5j8x-x8j6
reference_id GHSA-w8r2-5j8x-x8j6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8r2-5j8x-x8j6
17
reference_url https://access.redhat.com/errata/RHSA-2020:2321
reference_id RHSA-2020:2321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2321
18
reference_url https://access.redhat.com/errata/RHSA-2020:2562
reference_id RHSA-2020:2562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2562
fixed_packages
0
url pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3
purl pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ppap-96ds-9ygc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3
aliases CVE-2018-10862, GHSA-w8r2-5j8x-x8j6
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4hk-8zp4-9fd3
1
url VCID-ppap-96ds-9ygc
vulnerability_id VCID-ppap-96ds-9ygc
summary 
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vault
A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3644.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3644.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3644
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3644
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3644
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.63234
published_at 2026-04-16T12:55:00Z
1
value 0.0044
scoring_system epss
scoring_elements 0.63216
published_at 2026-04-08T12:55:00Z
2
value 0.0044
scoring_system epss
scoring_elements 0.63164
published_at 2026-04-07T12:55:00Z
3
value 0.0044
scoring_system epss
scoring_elements 0.63199
published_at 2026-04-04T12:55:00Z
4
value 0.0044
scoring_system epss
scoring_elements 0.63169
published_at 2026-04-02T12:55:00Z
5
value 0.0044
scoring_system epss
scoring_elements 0.63198
published_at 2026-04-13T12:55:00Z
6
value 0.0044
scoring_system epss
scoring_elements 0.6325
published_at 2026-04-11T12:55:00Z
7
value 0.0044
scoring_system epss
scoring_elements 0.63109
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3644
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1976052
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1976052
4
reference_url https://github.com/wildfly/wildfly-core
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core
5
reference_url https://github.com/wildfly/wildfly-core/commit/06dd9884f6ba50470b1fb5a35198a8784f037714
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/commit/06dd9884f6ba50470b1fb5a35198a8784f037714
6
reference_url https://github.com/wildfly/wildfly-core/commit/6d8db43cd43b5994b7a14003db978064e086090b
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/commit/6d8db43cd43b5994b7a14003db978064e086090b
7
reference_url https://github.com/wildfly/wildfly-core/pull/4668
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly-core/pull/4668
8
reference_url https://issues.redhat.com/browse/WFCORE-5511
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/WFCORE-5511
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3644
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3644
10
reference_url https://github.com/advisories/GHSA-w88m-2936-rmxr
reference_id GHSA-w88m-2936-rmxr
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w88m-2936-rmxr
11
reference_url https://access.redhat.com/errata/RHSA-2021:3466
reference_id RHSA-2021:3466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3466
12
reference_url https://access.redhat.com/errata/RHSA-2021:3467
reference_id RHSA-2021:3467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3467
13
reference_url https://access.redhat.com/errata/RHSA-2021:3468
reference_id RHSA-2021:3468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3468
14
reference_url https://access.redhat.com/errata/RHSA-2021:3471
reference_id RHSA-2021:3471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3471
15
reference_url https://access.redhat.com/errata/RHSA-2021:3516
reference_id RHSA-2021:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3516
16
reference_url https://access.redhat.com/errata/RHSA-2021:3534
reference_id RHSA-2021:3534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3534
17
reference_url https://access.redhat.com/errata/RHSA-2021:3656
reference_id RHSA-2021:3656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3656
18
reference_url https://access.redhat.com/errata/RHSA-2021:3658
reference_id RHSA-2021:3658
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3658
19
reference_url https://access.redhat.com/errata/RHSA-2021:3660
reference_id RHSA-2021:3660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3660
20
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
21
reference_url https://access.redhat.com/errata/RHSA-2022:5903
reference_id RHSA-2022:5903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5903
fixed_packages
0
url pkg:maven/org.wildfly.core/wildfly-server@16.0.1.Final
purl pkg:maven/org.wildfly.core/wildfly-server@16.0.1.Final
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@16.0.1.Final
1
url pkg:maven/org.wildfly.core/wildfly-server@17.0.0.Beta3
purl pkg:maven/org.wildfly.core/wildfly-server@17.0.0.Beta3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@17.0.0.Beta3
aliases CVE-2021-3644, GHSA-w88m-2936-rmxr
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppap-96ds-9ygc
Fixing_vulnerabilities
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@3.1.0.Final