Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jgroups/jgroups@3.3.2.Final

Type maven

Namespace org.jgroups

Name jgroups

Version 3.3.2.Final

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.0

Latest_non_vulnerable_version 4.0

Affected_by_vulnerabilities

url VCID-s3zg-vjk7-kkdg

vulnerability_id VCID-s3zg-vjk7-kkdg

summary

Authentication via cached credentials
The `DiagnosticsHandler` in this package allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1437.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1437.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1771.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1771.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0029.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0029.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4112.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4112.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4112

reference_id

reference_type

scores

value	0.01302
scoring_system	epss
scoring_elements	0.80087
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4112

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=983489

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=983489

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-4112

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-4112

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717031
reference_id	717031
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717031

reference_url	https://bugzilla.redhat.com/CVE-2013-4112
reference_id	CVE-2013-4112
reference_type
scores
url	https://bugzilla.redhat.com/CVE-2013-4112

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://access.redhat.com/errata/RHSA-2013:1437
reference_id	RHSA-2013:1437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1437

reference_url	https://access.redhat.com/errata/RHSA-2013:1771
reference_id	RHSA-2013:1771
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1771

reference_url	https://access.redhat.com/errata/RHSA-2014:0029
reference_id	RHSA-2014:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0029

fixed_packages

url pkg:maven/org.jgroups/jgroups@3.3.3.Final

purl pkg:maven/org.jgroups/jgroups@3.3.3.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uwtw-5dcf-ufbm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@3.3.3.Final

aliases CVE-2013-4112, GHSA-cc62-496p-hrr7

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3zg-vjk7-kkdg

url VCID-uwtw-5dcf-ufbm

vulnerability_id VCID-uwtw-5dcf-ufbm

summary

Authorization bypass in JGroups
JGroups does not require the proper headers for the ENCRYPT and AUTH protocols from nodes joining the cluster, which allows remote attackers to bypass security restrictions and send and receive messages within the cluster via unspecified vectors.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1435.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1435.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1439.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1439.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2035.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-2035.html

reference_url

https://access.redhat.com/errata/RHSA-2016:1345

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1345

reference_url

https://access.redhat.com/errata/RHSA-2016:1346

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1346

reference_url

https://access.redhat.com/errata/RHSA-2016:1347

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1347

reference_url

https://access.redhat.com/errata/RHSA-2016:1374

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1374

reference_url

https://access.redhat.com/errata/RHSA-2016:1376

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1376

reference_url

https://access.redhat.com/errata/RHSA-2016:1389

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1389

reference_url

https://access.redhat.com/errata/RHSA-2016:1432

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1432

reference_url

https://access.redhat.com/errata/RHSA-2016:1433

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1433

reference_url

https://access.redhat.com/errata/RHSA-2016:1434

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1434

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2141.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2141

reference_id

reference_type

scores

value	0.02326
scoring_system	epss
scoring_elements	0.85111
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2141

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1313589
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1313589

reference_url

https://github.com/belaban/JGroups

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/belaban/JGroups

reference_url	https://github.com/belaban/JGroups/commit/38a882331035ffed205d15a5c92b471fd09659c
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/38a882331035ffed205d15a5c92b471fd09659c

reference_url	https://github.com/belaban/JGroups/commit/c3ad22234ef84d06d04d908b3c94c0d11df8afd
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/c3ad22234ef84d06d04d908b3c94c0d11df8afd

reference_url

https://github.com/belaban/JGroups/commit/eeaf5241cce464ef21a2dfc4938729ade9ebef36

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/belaban/JGroups/commit/eeaf5241cce464ef21a2dfc4938729ade9ebef36

reference_url	https://github.com/belaban/JGroups/commit/fba182c14075789e1d2c976d50d9018c671ad0b
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/fba182c14075789e1d2c976d50d9018c671ad0b

reference_url

https://issues.jboss.org/browse/JGRP-2021

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/JGRP-2021

reference_url

https://issues.redhat.com/browse/JGRP-2055

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/JGRP-2055

reference_url

https://issues.redhat.com/browse/JGRP-2074

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/JGRP-2074

reference_url

https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2141

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2141

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1328.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1328.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1329.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1329.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1330.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1330.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1331.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1331.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1332.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1332.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1333.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1333.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1334.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1334.html

reference_url

https://web.archive.org/web/20161013163606/http://www.securityfocus.com/bid/91481

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20161013163606/http://www.securityfocus.com/bid/91481

reference_url

https://web.archive.org/web/20201207092245/http://www.securitytracker.com/id/1036165

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201207092245/http://www.securitytracker.com/id/1036165

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867493
reference_id	867493
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867493

reference_url	https://access.redhat.com/errata/RHSA-2016:1328
reference_id	RHSA-2016:1328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1328

reference_url	https://access.redhat.com/errata/RHSA-2016:1329
reference_id	RHSA-2016:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1329

reference_url	https://access.redhat.com/errata/RHSA-2016:1330
reference_id	RHSA-2016:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1330

reference_url	https://access.redhat.com/errata/RHSA-2016:1331
reference_id	RHSA-2016:1331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1331

reference_url	https://access.redhat.com/errata/RHSA-2016:1332
reference_id	RHSA-2016:1332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1332

reference_url	https://access.redhat.com/errata/RHSA-2016:1333
reference_id	RHSA-2016:1333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1333

reference_url	https://access.redhat.com/errata/RHSA-2016:1334
reference_id	RHSA-2016:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1334

reference_url	https://access.redhat.com/errata/RHSA-2016:1435
reference_id	RHSA-2016:1435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1435

reference_url	https://access.redhat.com/errata/RHSA-2016:1439
reference_id	RHSA-2016:1439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1439

reference_url	https://access.redhat.com/errata/RHSA-2016:2035
reference_id	RHSA-2016:2035
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2035

fixed_packages

url	pkg:maven/org.jgroups/jgroups@4.0.0.Final
purl	pkg:maven/org.jgroups/jgroups@4.0.0.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@4.0.0.Final

url pkg:maven/org.jgroups/jgroups@3.6.10.Final

purl pkg:maven/org.jgroups/jgroups@3.6.10.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uwtw-5dcf-ufbm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@3.6.10.Final

url	pkg:maven/org.jgroups/jgroups@4.0
purl	pkg:maven/org.jgroups/jgroups@4.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@4.0

aliases CVE-2016-2141, GHSA-rc7h-x6cq-988q

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwtw-5dcf-ufbm

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@3.3.2.Final

Package Instance