Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1?arch=el7eap

Type rpm

Namespace redhat

Name eap7-jboss-metadata

Version 13.4.0-1.Final_redhat_00001.1

Qualifiers

arch	el7eap

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-87j6-anzh-2uf1

vulnerability_id

VCID-87j6-anzh-2uf1

summary

Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions.

We recommend users to upgrade to MIME4j version 0.8.9 or later.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45787.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45787.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-45787

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.00926
published_at	2026-06-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0093
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-45787

reference_url

https://github.com/apache/james-mime4j

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j

reference_url

https://github.com/apache/james-mime4j/blob/master/CHANGELOG.md#089---2022-12-30

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j/blob/master/CHANGELOG.md#089---2022-12-30

reference_url

https://github.com/apache/james-mime4j/commit/021eb79ba312fe5a7f99fa867ee5350aa5533069

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j/commit/021eb79ba312fe5a7f99fa867ee5350aa5533069

reference_url

https://issues.apache.org/jira/browse/MIME4J-322

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/MIME4J-322

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-45787

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-45787

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2158916
reference_id	2158916
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2158916

reference_url

https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj

reference_id

26s8p9stl1z261c4qw15bsq03tt7t0rj

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T19:31:06Z/

url

https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj

reference_url

https://github.com/advisories/GHSA-q84x-3476-8ff2

reference_id

GHSA-q84x-3476-8ff2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q84x-3476-8ff2

reference_url	https://access.redhat.com/errata/RHSA-2023:1512
reference_id	RHSA-2023:1512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1512

reference_url	https://access.redhat.com/errata/RHSA-2023:1513
reference_id	RHSA-2023:1513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1513

reference_url	https://access.redhat.com/errata/RHSA-2023:1514
reference_id	RHSA-2023:1514
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1514

reference_url	https://access.redhat.com/errata/RHSA-2023:1516
reference_id	RHSA-2023:1516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1516

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3809
reference_id	RHSA-2023:3809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3809

reference_url	https://access.redhat.com/errata/RHSA-2023:3815
reference_id	RHSA-2023:3815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3815

fixed_packages

aliases

CVE-2022-45787, GHSA-q84x-3476-8ff2

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-87j6-anzh-2uf1

url

VCID-wdvr-ddjy-27as

vulnerability_id

VCID-wdvr-ddjy-27as

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41853

reference_id

reference_type

scores

value	0.70144
scoring_system	epss
scoring_elements	0.98699
published_at	2026-06-11T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98703
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41853

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://sourceforge.net/projects/hsqldb

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://sourceforge.net/projects/hsqldb

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573
reference_id	1023573
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2136141
reference_id	2136141
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2136141

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41853

reference_id

CVE-2022-41853

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41853

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7

reference_id

detail?id=50212#c7

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7

reference_url

https://www.debian.org/security/2023/dsa-5313

reference_id

dsa-5313

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://www.debian.org/security/2023/dsa-5313

reference_url

https://github.com/advisories/GHSA-77xx-rxvh-q682

reference_id

GHSA-77xx-rxvh-q682

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-77xx-rxvh-q682

reference_url

https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html

reference_id

msg00020.html

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html

reference_url	https://access.redhat.com/errata/RHSA-2022:8559
reference_id	RHSA-2022:8559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8559

reference_url	https://access.redhat.com/errata/RHSA-2022:8560
reference_id	RHSA-2022:8560
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8560

reference_url	https://access.redhat.com/errata/RHSA-2022:8652
reference_id	RHSA-2022:8652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8652

reference_url	https://access.redhat.com/errata/RHSA-2023:1512
reference_id	RHSA-2023:1512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1512

reference_url	https://access.redhat.com/errata/RHSA-2023:1513
reference_id	RHSA-2023:1513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1513

reference_url	https://access.redhat.com/errata/RHSA-2023:1514
reference_id	RHSA-2023:1514
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1514

reference_url	https://access.redhat.com/errata/RHSA-2023:1516
reference_id	RHSA-2023:1516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1516

reference_url	https://access.redhat.com/errata/RHSA-2023:2100
reference_id	RHSA-2023:2100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2100

reference_url	https://access.redhat.com/errata/RHSA-2024:10207
reference_id	RHSA-2024:10207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10207

reference_url	https://access.redhat.com/errata/RHSA-2024:10208
reference_id	RHSA-2024:10208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10208

reference_url

http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control

reference_id

sqlroutines-chapt.html#src_jrt_access_control

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control

fixed_packages

aliases

CVE-2022-41853, GHSA-77xx-rxvh-q682

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wdvr-ddjy-27as

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1%3Farch=el7eap

Package Instance