Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:maven/org.springframework.security/spring-security-core@4.2.3.RELEASE
Type
maven
Namespace
org.springframework.security
Name
spring-security-core
Version
4.2.3.RELEASE
Qualifiers
Subpath
Is_vulnerable
true
Next_non_vulnerable_version
4.2.4
Latest_non_vulnerable_version
6.5.4
Affected_by_vulnerabilities
0
url
VCID-mqcm-hd3y-cka5
vulnerability_id
VCID-mqcm-hd3y-cka5
summary
references
0
reference_url
https://access.redhat.com/errata/RHSA-2018:2405
reference_id
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2018:2405
1
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2018-1199
reference_id
reference_type
scores
0
value
0.00846
scoring_system
epss
scoring_elements
0.75134
published_at
2026-05-30T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2018-1199
2
reference_url
https://github.com/spring-projects/spring-framework/commit/554662ebab87af97ba25d0c9f5449c7acda8df9c
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-framework/commit/554662ebab87af97ba25d0c9f5449c7acda8df9c
3
reference_url
https://github.com/spring-projects/spring-framework/commit/73a81f98d40eb6f5faa91aceb868db53fae2a94b
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-framework/commit/73a81f98d40eb6f5faa91aceb868db53fae2a94b
4
reference_url
https://github.com/spring-projects/spring-framework/commit/e6e6b8f4adcad99d133de97fcfac5ae5dd14153c
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-framework/commit/e6e6b8f4adcad99d133de97fcfac5ae5dd14153c
5
reference_url
https://github.com/spring-projects/spring-security/commit/0eef5b4b425ab42b9fa0fde1a3f36a37b92558f
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/commit/0eef5b4b425ab42b9fa0fde1a3f36a37b92558f
6
reference_url
https://github.com/spring-projects/spring-security/commit/65da28e4bf62f58fb130ba727cbbd621b44a36d
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/commit/65da28e4bf62f58fb130ba727cbbd621b44a36d
7
reference_url
https://github.com/spring-projects/spring-security/commit/cb8041ba67635edafcc934498ef82707157fd22
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/commit/cb8041ba67635edafcc934498ef82707157fd22
8
reference_url
https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E
9
reference_url
https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E
10
reference_url
https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E
11
reference_url
https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url
https://www.oracle.com/security-alerts/cpujul2020.html
12
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2018-1199
reference_id
CVE-2018-1199
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2018-1199
13
reference_url
https://pivotal.io/security/cve-2018-1199
reference_id
CVE-2018-1199
reference_type
scores
url
https://pivotal.io/security/cve-2018-1199
14
reference_url
https://github.com/advisories/GHSA-v596-fwhq-8x48
reference_id
GHSA-v596-fwhq-8x48
reference_type
scores
0
value
MODERATE
scoring_system
cvssv3.1_qr
scoring_elements
url
https://github.com/advisories/GHSA-v596-fwhq-8x48
fixed_packages
0
url
pkg:maven/org.springframework.security/spring-security-core@4.2.4
purl
pkg:maven/org.springframework.security/spring-security-core@4.2.4
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.4
1
url
pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE
purl
pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.4.RELEASE
2
url
pkg:maven/org.springframework.security/spring-security-core@5.0.1
purl
pkg:maven/org.springframework.security/spring-security-core@5.0.1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@5.0.1
3
url
pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE
purl
pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@5.0.1.RELEASE
aliases
CVE-2018-1199, GHSA-v596-fwhq-8x48
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-mqcm-hd3y-cka5
Fixing_vulnerabilities
0
url
VCID-yv65-r27g-qkdv
vulnerability_id
VCID-yv65-r27g-qkdv
summary
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2017-4995
reference_id
reference_type
scores
0
value
0.00826
scoring_system
epss
scoring_elements
0.74778
published_at
2026-05-30T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2017-4995
1
reference_url
https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1
reference_id
reference_type
scores
url
https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1
2
reference_url
https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c
reference_id
reference_type
scores
url
https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c
3
reference_url
https://github.com/FasterXML/jackson-databind/issues/1599
reference_id
reference_type
scores
url
https://github.com/FasterXML/jackson-databind/issues/1599
4
reference_url
https://github.com/spring-projects/spring-security/commit/5dee8534cd1b92952d10cc56335b5d5856f48f3b
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/commit/5dee8534cd1b92952d10cc56335b5d5856f48f3b
5
reference_url
https://github.com/spring-projects/spring-security/commit/947d11f433b78294942cb5ea56e8aa5c3a0ca43
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/commit/947d11f433b78294942cb5ea56e8aa5c3a0ca43
6
reference_url
https://github.com/spring-projects/spring-security/issues/4370
reference_id
reference_type
scores
url
https://github.com/spring-projects/spring-security/issues/4370
7
reference_url
https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
8
reference_url
https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
9
reference_url
https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
url
https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
10
reference_url
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-4995
reference_id
reference_type
scores
url
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-4995
11
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2017-4995
reference_id
CVE-2017-4995
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2017-4995
12
reference_url
https://pivotal.io/security/cve-2017-4995
reference_id
CVE-2017-4995
reference_type
scores
url
https://pivotal.io/security/cve-2017-4995
13
reference_url
https://github.com/advisories/GHSA-vhrg-v3cv-p247
reference_id
GHSA-vhrg-v3cv-p247
reference_type
scores
0
value
HIGH
scoring_system
cvssv3.1_qr
scoring_elements
url
https://github.com/advisories/GHSA-vhrg-v3cv-p247
fixed_packages
0
url
pkg:maven/org.springframework.security/spring-security-core@4.2.3
purl
pkg:maven/org.springframework.security/spring-security-core@4.2.3
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.3
1
url
pkg:maven/org.springframework.security/spring-security-core@4.2.3.RELEASE
purl
pkg:maven/org.springframework.security/spring-security-core@4.2.3.RELEASE
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-mqcm-hd3y-cka5
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.3.RELEASE
2
url
pkg:maven/org.springframework.security/spring-security-core@5.0.0.M2
purl
pkg:maven/org.springframework.security/spring-security-core@5.0.0.M2
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@5.0.0.M2
aliases
CVE-2017-4995, GHSA-vhrg-v3cv-p247
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-yv65-r27g-qkdv
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-core@4.2.3.RELEASE
×
Create
None
×
Edit
None