Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteasy/resteasy-core@4.3.1.Final

Type maven

Namespace org.jboss.resteasy

Name resteasy-core

Version 4.3.1.Final

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.7.8.Final

Latest_non_vulnerable_version 6.2.3.Final

Affected_by_vulnerabilities

url VCID-2jdr-zvyh-vbdq

vulnerability_id VCID-2jdr-zvyh-vbdq

summary

Cross-site Scripting
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy. It does not properly handle URL encoding when calling `@javax.ws.rs.PathParam` without any `@Produces` MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20293.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20293.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20293

reference_id

reference_type

scores

value	0.00113
scoring_system	epss
scoring_elements	0.29481
published_at	2026-06-04T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29511
published_at	2026-06-06T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29549
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20293

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1942819

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1942819

reference_url

https://security.netapp.com/advisory/ntap-20210727-0005

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210727-0005

reference_url	https://security.netapp.com/advisory/ntap-20210727-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210727-0005/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20293

reference_id

CVE-2021-20293

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20293

reference_url

https://github.com/advisories/GHSA-5h26-c766-g93v

reference_id

GHSA-5h26-c766-g93v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5h26-c766-g93v

reference_url	https://access.redhat.com/errata/RHSA-2021:4100
reference_id	RHSA-2021:4100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4100

reference_url	https://access.redhat.com/errata/RHSA-2022:1029
reference_id	RHSA-2022:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1029

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1.Alpha1

purl pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1.Alpha1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-ka7b-vp4z-d7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1.Alpha1

url	pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1
purl	pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1

aliases CVE-2021-20293, GHSA-5h26-c766-g93v

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jdr-zvyh-vbdq

url VCID-3kmc-qxkn-xuhg

vulnerability_id VCID-3kmc-qxkn-xuhg

summary

Uncontrolled Resource Consumption
A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14326.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14326.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14326

reference_id

reference_type

scores

value	0.00384
scoring_system	epss
scoring_elements	0.60056
published_at	2026-06-06T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.60006
published_at	2026-06-04T12:55:00Z

value	0.00384
scoring_system	epss
scoring_elements	0.60053
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14326

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1855826

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1855826

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/Resteasy/pull/2471

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy/pull/2471

reference_url

https://security.netapp.com/advisory/ntap-20210713-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210713-0001

reference_url	https://security.netapp.com/advisory/ntap-20210713-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210713-0001/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-14326

reference_id

CVE-2020-14326

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-14326

reference_url

https://github.com/advisories/GHSA-37g7-8vjj-pjpj

reference_id

GHSA-37g7-8vjj-pjpj

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-37g7-8vjj-pjpj

reference_url	https://access.redhat.com/errata/RHSA-2020:3248
reference_id	RHSA-2020:3248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3248

reference_url	https://access.redhat.com/errata/RHSA-2020:5568
reference_id	RHSA-2020:5568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5568

reference_url	https://access.redhat.com/errata/RHSA-2021:4767
reference_id	RHSA-2021:4767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4767

reference_url	https://access.redhat.com/errata/RHSA-2021:4918
reference_id	RHSA-2021:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4918

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-core@4.5.6.Final

purl pkg:maven/org.jboss.resteasy/resteasy-core@4.5.6.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jdr-zvyh-vbdq

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-ka7b-vp4z-d7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.5.6.Final

aliases CVE-2020-14326, GHSA-37g7-8vjj-pjpj

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kmc-qxkn-xuhg

url VCID-hajw-3aw9-tkff

vulnerability_id VCID-hajw-3aw9-tkff

summary

Cross-site Scripting
A cross-site scripting (XSS) flaw was found in RESTEasy where it does not properly handle URL encoding when the `RESTEASY003870` exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10688.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10688.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10688

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57292
published_at	2026-06-06T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57285
published_at	2026-06-05T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57233
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10688

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1814974

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1814974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10688

reference_url

https://github.com/quarkusio/quarkus/issues/7248

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/quarkusio/quarkus/issues/7248

reference_url

https://issues.redhat.com/browse/RESTEASY-2519

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-2519

reference_url

https://security.netapp.com/advisory/ntap-20210706-0008

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210706-0008

reference_url	https://security.netapp.com/advisory/ntap-20210706-0008/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210706-0008/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015001
reference_id	1015001
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015001

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970328
reference_id	970328
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970328

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10688

reference_id

CVE-2020-10688

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10688

reference_url

https://github.com/advisories/GHSA-29qj-rvv6-qrmv

reference_id

GHSA-29qj-rvv6-qrmv

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-29qj-rvv6-qrmv

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:2511
reference_id	RHSA-2020:2511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2511

reference_url	https://access.redhat.com/errata/RHSA-2020:2512
reference_id	RHSA-2020:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2512

reference_url	https://access.redhat.com/errata/RHSA-2020:2513
reference_id	RHSA-2020:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2513

reference_url	https://access.redhat.com/errata/RHSA-2020:2515
reference_id	RHSA-2020:2515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2515

reference_url	https://access.redhat.com/errata/RHSA-2020:2905
reference_id	RHSA-2020:2905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2905

reference_url	https://access.redhat.com/errata/RHSA-2020:3806
reference_id	RHSA-2020:3806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3806

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-core@4.5.3.Final

purl pkg:maven/org.jboss.resteasy/resteasy-core@4.5.3.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jdr-zvyh-vbdq

vulnerability	VCID-3kmc-qxkn-xuhg

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-ka7b-vp4z-d7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.5.3.Final

aliases CVE-2020-10688, GHSA-29qj-rvv6-qrmv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hajw-3aw9-tkff

url VCID-ka7b-vp4z-d7bu

vulnerability_id VCID-ka7b-vp4z-d7bu

summary

Insecure Temporary File in RESTEasy
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.16028
published_at	2026-06-06T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.16037
published_at	2026-06-05T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15953
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482

reference_url

https://github.com/orgs/resteasy/discussions/3415

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3415

reference_url

https://github.com/orgs/resteasy/discussions/3504

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3504

reference_url

https://github.com/orgs/resteasy/discussions/3506

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3506

reference_url

https://github.com/resteasy/resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/resteasy/pull/3409

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3409

reference_url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_url

https://github.com/resteasy/resteasy/pull/3410

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3410

reference_url

https://github.com/resteasy/resteasy/pull/3412

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3412

reference_url

https://github.com/resteasy/resteasy/pull/3413

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3413

reference_url

https://github.com/resteasy/resteasy/pull/3423

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3423

reference_url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_url

https://issues.redhat.com/browse/RESTEASY-3286

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-3286

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728
reference_id	1031728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729
reference_id	1031729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_id

2166004

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_id

CVE-2023-0482

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_url

https://github.com/advisories/GHSA-jrmh-v64j-mjm9

reference_id

GHSA-jrmh-v64j-mjm9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jrmh-v64j-mjm9

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_id

ntap-20230427-0001

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3185
reference_id	RHSA-2023:3185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3185

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

reference_url	https://access.redhat.com/errata/RHSA-2023:5165
reference_id	RHSA-2023:5165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5165

reference_url	https://access.redhat.com/errata/RHSA-2023:6305
reference_id	RHSA-2023:6305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6305

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final

aliases CVE-2023-0482, GHSA-2c6g-pfx3-w7h8, GHSA-jrmh-v64j-mjm9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ka7b-vp4z-d7bu

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.3.1.Final

Package Instance