Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.avro/avro@1.11.4
Typemaven
Namespaceorg.apache.avro
Nameavro
Version1.11.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.11.5
Latest_non_vulnerable_version1.12.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-agjx-5whj-dyac
vulnerability_id VCID-agjx-5whj-dyac
summary 
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.
Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47561.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47561.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47561
reference_id
reference_type
scores
0
value 0.00747
scoring_system epss
scoring_elements 0.73128
published_at 2026-04-18T12:55:00Z
1
value 0.00747
scoring_system epss
scoring_elements 0.73118
published_at 2026-04-16T12:55:00Z
2
value 0.00747
scoring_system epss
scoring_elements 0.73032
published_at 2026-04-02T12:55:00Z
3
value 0.00747
scoring_system epss
scoring_elements 0.73052
published_at 2026-04-04T12:55:00Z
4
value 0.00747
scoring_system epss
scoring_elements 0.73075
published_at 2026-04-13T12:55:00Z
5
value 0.00747
scoring_system epss
scoring_elements 0.73081
published_at 2026-04-12T12:55:00Z
6
value 0.00747
scoring_system epss
scoring_elements 0.73102
published_at 2026-04-11T12:55:00Z
7
value 0.00747
scoring_system epss
scoring_elements 0.73027
published_at 2026-04-07T12:55:00Z
8
value 0.00747
scoring_system epss
scoring_elements 0.73077
published_at 2026-04-09T12:55:00Z
9
value 0.00747
scoring_system epss
scoring_elements 0.73064
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47561
2
reference_url https://github.com/apache/avro
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro
3
reference_url https://github.com/apache/avro/commit/8f89868d29272e3afea2ff8de8c85cb81a57d900
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/commit/8f89868d29272e3afea2ff8de8c85cb81a57d900
4
reference_url https://github.com/apache/avro/commit/f6b3bd7e50e6e09fedddb98c61558c022ba31285
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/commit/f6b3bd7e50e6e09fedddb98c61558c022ba31285
5
reference_url https://github.com/apache/avro/pull/2934
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/pull/2934
6
reference_url https://github.com/apache/avro/pull/2980
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/avro/pull/2980
7
reference_url https://issues.apache.org/jira/browse/AVRO-3985
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AVRO-3985
8
reference_url https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value CRITICAL
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T18:53:44Z/
url https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47561
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47561
10
reference_url https://security.netapp.com/advisory/ntap-20241011-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241011-0003
11
reference_url https://thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html
12
reference_url https://www.openwall.com/lists/oss-security/2024/10/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2024/10/03/1
13
reference_url http://www.openwall.com/lists/oss-security/2024/10/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/10/03/1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2316116
reference_id 2316116
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2316116
15
reference_url https://github.com/advisories/GHSA-r7pg-v2c8-mfg3
reference_id GHSA-r7pg-v2c8-mfg3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r7pg-v2c8-mfg3
16
reference_url https://access.redhat.com/errata/RHSA-2024:7670
reference_id RHSA-2024:7670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7670
17
reference_url https://access.redhat.com/errata/RHSA-2024:7676
reference_id RHSA-2024:7676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7676
18
reference_url https://access.redhat.com/errata/RHSA-2024:7811
reference_id RHSA-2024:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7811
19
reference_url https://access.redhat.com/errata/RHSA-2024:7812
reference_id RHSA-2024:7812
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7812
20
reference_url https://access.redhat.com/errata/RHSA-2024:7861
reference_id RHSA-2024:7861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7861
21
reference_url https://access.redhat.com/errata/RHSA-2024:7972
reference_id RHSA-2024:7972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7972
22
reference_url https://access.redhat.com/errata/RHSA-2024:8064
reference_id RHSA-2024:8064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8064
23
reference_url https://access.redhat.com/errata/RHSA-2024:8093
reference_id RHSA-2024:8093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8093
24
reference_url https://access.redhat.com/errata/RHSA-2024:8339
reference_id RHSA-2024:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8339
fixed_packages
0
url pkg:maven/org.apache.avro/avro@1.11.4
purl pkg:maven/org.apache.avro/avro@1.11.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.avro/avro@1.11.4
aliases CVE-2024-47561, GHSA-r7pg-v2c8-mfg3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-agjx-5whj-dyac
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.avro/avro@1.11.4