Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.springframework.security/spring-security-core@4.1.4.RELEASE

Type maven

Namespace org.springframework.security

Name spring-security-core

Version 4.1.4.RELEASE

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.1.5.RELEASE

Latest_non_vulnerable_version 7.0.5

Affected_by_vulnerabilities

url VCID-mqcm-hd3y-cka5

vulnerability_id VCID-mqcm-hd3y-cka5

summary

references

reference_url

https://access.redhat.com/errata/RHSA-2018:2405

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2405

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1199

reference_id

reference_type

scores

value	0.00846
scoring_system	epss
scoring_elements	0.75134
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1199

reference_url

https://github.com/spring-projects/spring-framework/commit/554662ebab87af97ba25d0c9f5449c7acda8df9c

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-framework/commit/554662ebab87af97ba25d0c9f5449c7acda8df9c

reference_url

https://github.com/spring-projects/spring-framework/commit/73a81f98d40eb6f5faa91aceb868db53fae2a94b

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-framework/commit/73a81f98d40eb6f5faa91aceb868db53fae2a94b

reference_url

https://github.com/spring-projects/spring-framework/commit/e6e6b8f4adcad99d133de97fcfac5ae5dd14153c

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-framework/commit/e6e6b8f4adcad99d133de97fcfac5ae5dd14153c

reference_url

https://github.com/spring-projects/spring-security/commit/0eef5b4b425ab42b9fa0fde1a3f36a37b92558f

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-security/commit/0eef5b4b425ab42b9fa0fde1a3f36a37b92558f

reference_url

https://github.com/spring-projects/spring-security/commit/65da28e4bf62f58fb130ba727cbbd621b44a36d

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-security/commit/65da28e4bf62f58fb130ba727cbbd621b44a36d

reference_url

https://github.com/spring-projects/spring-security/commit/cb8041ba67635edafcc934498ef82707157fd22

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/spring-projects/spring-security/commit/cb8041ba67635edafcc934498ef82707157fd22

reference_url

https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001
reference_id	890001
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1199

reference_id

CVE-2018-1199

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1199

reference_url

https://pivotal.io/security/cve-2018-1199

reference_id

CVE-2018-1199

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pivotal.io/security/cve-2018-1199

reference_url

https://github.com/advisories/GHSA-v596-fwhq-8x48

reference_id

GHSA-v596-fwhq-8x48

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-v596-fwhq-8x48

fixed_packages

url pkg:maven/org.springframework.security/spring-security-core@4.1.5

purl pkg:maven/org.springframework.security/spring-security-core@4.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jfxp-d5zq-3kez

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.1.5

url	pkg:maven/org.springframework.security/spring-security-core@4.1.5.RELEASE
purl	pkg:maven/org.springframework.security/spring-security-core@4.1.5.RELEASE
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.1.5.RELEASE

url	pkg:maven/org.springframework.security/spring-security-core@4.2.4
purl	pkg:maven/org.springframework.security/spring-security-core@4.2.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.4

url pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE

purl pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p649-29wu-syh9

vulnerability	VCID-rg5c-bu77-bkha

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE

url	pkg:maven/org.springframework.security/spring-security-core@5.0.1
purl	pkg:maven/org.springframework.security/spring-security-core@5.0.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@5.0.1

url pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE

purl pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rg5c-bu77-bkha

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE

aliases CVE-2018-1199, GHSA-v596-fwhq-8x48

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqcm-hd3y-cka5

Fixing_vulnerabilities

url VCID-z6n9-bp24-vkgh

vulnerability_id VCID-z6n9-bp24-vkgh

summary

references

reference_url

https://access.redhat.com/errata/RHSA-2017:1832

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1832

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9879

reference_id

reference_type

scores

value	0.00322
scoring_system	epss
scoring_elements	0.55525
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9879

reference_url	https://github.com/spring-projects/spring-security/commit/666e356ebc479194ba51e43bb99fc42f849b6175
reference_id
reference_type
scores
url	https://github.com/spring-projects/spring-security/commit/666e356ebc479194ba51e43bb99fc42f849b6175

reference_url

http://www.securityfocus.com/bid/95142

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/95142

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-9879

reference_id

CVE-2016-9879

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-9879

reference_url

https://pivotal.io/security/cve-2016-9879

reference_id

CVE-2016-9879

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://pivotal.io/security/cve-2016-9879

reference_url

https://github.com/advisories/GHSA-v35c-49j6-q8hq

reference_id

GHSA-v35c-49j6-q8hq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v35c-49j6-q8hq

fixed_packages

url pkg:maven/org.springframework.security/spring-security-core@3.2.10.RELEASE

purl pkg:maven/org.springframework.security/spring-security-core@3.2.10.RELEASE

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-z75k-8ntp-bqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@3.2.10.RELEASE

url pkg:maven/org.springframework.security/spring-security-core@4.1.4.RELEASE

purl pkg:maven/org.springframework.security/spring-security-core@4.1.4.RELEASE

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-mqcm-hd3y-cka5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.1.4.RELEASE

url pkg:maven/org.springframework.security/spring-security-core@4.2.1.RELEASE

purl pkg:maven/org.springframework.security/spring-security-core@4.2.1.RELEASE

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-mqcm-hd3y-cka5

vulnerability	VCID-p649-29wu-syh9

vulnerability	VCID-rg5c-bu77-bkha

vulnerability	VCID-yv65-r27g-qkdv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.1.RELEASE

aliases CVE-2016-9879, GHSA-v35c-49j6-q8hq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6n9-bp24-vkgh

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.1.4.RELEASE

Package Instance