Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.cxf/cxf@3.4.5
Typemaven
Namespaceorg.apache.cxf
Namecxf
Version3.4.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.4.10
Latest_non_vulnerable_version3.5.5
Affected_by_vulnerabilities
0
url VCID-xzs8-rbhd-mkbp
vulnerability_id VCID-xzs8-rbhd-mkbp
summary 
Apache CXF vulnerable to Exposure of Sensitive Information
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
reference_id
reference_type
scores
0
value 0.00089
scoring_system epss
scoring_elements 0.25411
published_at 2026-04-02T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.34031
published_at 2026-04-12T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.34074
published_at 2026-04-11T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.34002
published_at 2026-04-07T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.34008
published_at 2026-04-13T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.34076
published_at 2026-04-09T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34142
published_at 2026-04-04T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34045
published_at 2026-04-08T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35319
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
2
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
3
reference_url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T02:50:18Z/
url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
reference_id 2155681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
6
reference_url https://github.com/advisories/GHSA-3w37-5p3p-jv92
reference_id GHSA-3w37-5p3p-jv92
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w37-5p3p-jv92
7
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
8
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
9
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
10
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
11
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
12
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf@3.4.10
purl pkg:maven/org.apache.cxf/cxf@3.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.10
1
url pkg:maven/org.apache.cxf/cxf@3.5.5
purl pkg:maven/org.apache.cxf/cxf@3.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.5.5
aliases CVE-2022-46363, GHSA-3w37-5p3p-jv92
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzs8-rbhd-mkbp
1
url VCID-y8up-mkx2-abcn
vulnerability_id VCID-y8up-mkx2-abcn
summary 
Apache CXF Server-Side Request Forgery vulnerability
A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30863
published_at 2026-04-02T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.3082
published_at 2026-04-09T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30788
published_at 2026-04-08T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30729
published_at 2026-04-07T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30909
published_at 2026-04-04T12:55:00Z
5
value 0.00135
scoring_system epss
scoring_elements 0.33218
published_at 2026-04-16T12:55:00Z
6
value 0.00135
scoring_system epss
scoring_elements 0.33241
published_at 2026-04-11T12:55:00Z
7
value 0.00135
scoring_system epss
scoring_elements 0.33201
published_at 2026-04-12T12:55:00Z
8
value 0.00135
scoring_system epss
scoring_elements 0.33177
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
2
reference_url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-22T02:48:12Z/
url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
reference_id 2155682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
5
reference_url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
reference_id GHSA-x3x3-qwjq-8gj4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
6
reference_url https://access.redhat.com/errata/RHSA-2023:0163
reference_id RHSA-2023:0163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0163
7
reference_url https://access.redhat.com/errata/RHSA-2023:0164
reference_id RHSA-2023:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0164
8
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
9
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
10
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
11
reference_url https://access.redhat.com/errata/RHSA-2023:1285
reference_id RHSA-2023:1285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1285
12
reference_url https://access.redhat.com/errata/RHSA-2023:1286
reference_id RHSA-2023:1286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1286
13
reference_url https://access.redhat.com/errata/RHSA-2023:2041
reference_id RHSA-2023:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2041
14
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf@3.4.10
purl pkg:maven/org.apache.cxf/cxf@3.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.10
1
url pkg:maven/org.apache.cxf/cxf@3.5.5
purl pkg:maven/org.apache.cxf/cxf@3.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.5.5
aliases CVE-2022-46364, GHSA-x3x3-qwjq-8gj4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-mkx2-abcn
Fixing_vulnerabilities
0
url VCID-46y3-rx34-pyc6
vulnerability_id VCID-46y3-rx34-pyc6
summary 
Exposure of Sensitive Information to an Unauthorized Actor
All versions of Apache Santuario - XML Security for Java is vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40690
reference_id
reference_type
scores
0
value 0.00278
scoring_system epss
scoring_elements 0.5131
published_at 2026-04-16T12:55:00Z
1
value 0.00278
scoring_system epss
scoring_elements 0.51271
published_at 2026-04-13T12:55:00Z
2
value 0.00278
scoring_system epss
scoring_elements 0.51284
published_at 2026-04-12T12:55:00Z
3
value 0.00278
scoring_system epss
scoring_elements 0.51306
published_at 2026-04-11T12:55:00Z
4
value 0.00278
scoring_system epss
scoring_elements 0.51173
published_at 2026-04-01T12:55:00Z
5
value 0.00278
scoring_system epss
scoring_elements 0.51262
published_at 2026-04-09T12:55:00Z
6
value 0.00278
scoring_system epss
scoring_elements 0.51265
published_at 2026-04-08T12:55:00Z
7
value 0.00278
scoring_system epss
scoring_elements 0.5121
published_at 2026-04-07T12:55:00Z
8
value 0.00278
scoring_system epss
scoring_elements 0.51251
published_at 2026-04-04T12:55:00Z
9
value 0.00278
scoring_system epss
scoring_elements 0.51225
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690
3
reference_url https://issues.apache.org/jira/browse/CXF-8613
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/CXF-8613
4
reference_url https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa@%3Ccommits.tomee.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59@%3Cissues.cxf.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59@%3Cissues.cxf.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28@%3Ccommits.tomee.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/raf352f95c19c0c4051af3180752cb69acbea88d0d066ab176c6170e8@%3Cuser.poi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raf352f95c19c0c4051af3180752cb69acbea88d0d066ab176c6170e8@%3Cuser.poi.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rbbbac0759b12472abd0c278d32b5e0867bb21934df8e14e5e641597c@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbbbac0759b12472abd0c278d32b5e0867bb21934df8e14e5e641597c@%3Ccommits.tomee.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rbdac116aef912b563da54f4c152222c0754e32fb2f785519ac5e059f@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbdac116aef912b563da54f4c152222c0754e32fb2f785519ac5e059f@%3Ccommits.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/re294cfc61f509512874ea514d8d64fd276253d54ac378ffa7a4880c8@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re294cfc61f509512874ea514d8d64fd276253d54ac378ffa7a4880c8@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2021/09/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/09/msg00015.html
14
reference_url https://security.netapp.com/advisory/ntap-20230818-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230818-0002
15
reference_url https://security.netapp.com/advisory/ntap-20230818-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20230818-0002/
16
reference_url https://www.debian.org/security/2021/dsa-5010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5010
17
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
18
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2011190
reference_id 2011190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2011190
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994569
reference_id 994569
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994569
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40690
reference_id CVE-2021-40690
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40690
22
reference_url https://github.com/advisories/GHSA-j8wc-gxx9-82hx
reference_id GHSA-j8wc-gxx9-82hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8wc-gxx9-82hx
23
reference_url https://access.redhat.com/errata/RHSA-2021:4679
reference_id RHSA-2021:4679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4679
24
reference_url https://access.redhat.com/errata/RHSA-2021:5149
reference_id RHSA-2021:5149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5149
25
reference_url https://access.redhat.com/errata/RHSA-2021:5150
reference_id RHSA-2021:5150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5150
26
reference_url https://access.redhat.com/errata/RHSA-2021:5151
reference_id RHSA-2021:5151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5151
27
reference_url https://access.redhat.com/errata/RHSA-2021:5154
reference_id RHSA-2021:5154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5154
28
reference_url https://access.redhat.com/errata/RHSA-2021:5170
reference_id RHSA-2021:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5170
29
reference_url https://access.redhat.com/errata/RHSA-2022:0146
reference_id RHSA-2022:0146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0146
30
reference_url https://access.redhat.com/errata/RHSA-2022:0151
reference_id RHSA-2022:0151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0151
31
reference_url https://access.redhat.com/errata/RHSA-2022:0152
reference_id RHSA-2022:0152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0152
32
reference_url https://access.redhat.com/errata/RHSA-2022:0155
reference_id RHSA-2022:0155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0155
33
reference_url https://access.redhat.com/errata/RHSA-2022:0164
reference_id RHSA-2022:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0164
34
reference_url https://access.redhat.com/errata/RHSA-2022:0501
reference_id RHSA-2022:0501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0501
35
reference_url https://access.redhat.com/errata/RHSA-2022:1013
reference_id RHSA-2022:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1013
36
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
37
reference_url https://access.redhat.com/errata/RHSA-2022:6407
reference_id RHSA-2022:6407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6407
38
reference_url https://usn.ubuntu.com/5525-1/
reference_id USN-5525-1
reference_type
scores
url https://usn.ubuntu.com/5525-1/
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf@3.4.5
purl pkg:maven/org.apache.cxf/cxf@3.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xzs8-rbhd-mkbp
1
vulnerability VCID-y8up-mkx2-abcn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.5
aliases CVE-2021-40690, GHSA-j8wc-gxx9-82hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46y3-rx34-pyc6
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.5