Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.cxf/cxf@3.4.10
Typemaven
Namespaceorg.apache.cxf
Namecxf
Version3.4.10
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.4.10
Latest_non_vulnerable_version3.5.5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3884-4stp-e7fz
vulnerability_id VCID-3884-4stp-e7fz
summary CXF: directory listing / code exfiltration
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.30683
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
2
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
3
reference_url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T02:50:18Z/
url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
reference_id 2155681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
6
reference_url https://github.com/advisories/GHSA-3w37-5p3p-jv92
reference_id GHSA-3w37-5p3p-jv92
reference_type
scores
url https://github.com/advisories/GHSA-3w37-5p3p-jv92
7
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
8
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
9
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
10
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
11
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
12
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf@3.4.10
purl pkg:maven/org.apache.cxf/cxf@3.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.10
1
url pkg:maven/org.apache.cxf/cxf@3.5.5
purl pkg:maven/org.apache.cxf/cxf@3.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.5.5
aliases CVE-2022-46363, GHSA-3w37-5p3p-jv92
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3884-4stp-e7fz
1
url VCID-yzgu-3jyh-cfeg
vulnerability_id VCID-yzgu-3jyh-cfeg
summary CXF: SSRF Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25548
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
2
reference_url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-22T02:48:12Z/
url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
reference_id 2155682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
5
reference_url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
reference_id GHSA-x3x3-qwjq-8gj4
reference_type
scores
url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
6
reference_url https://access.redhat.com/errata/RHSA-2023:0163
reference_id RHSA-2023:0163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0163
7
reference_url https://access.redhat.com/errata/RHSA-2023:0164
reference_id RHSA-2023:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0164
8
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
9
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
10
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
11
reference_url https://access.redhat.com/errata/RHSA-2023:1285
reference_id RHSA-2023:1285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1285
12
reference_url https://access.redhat.com/errata/RHSA-2023:1286
reference_id RHSA-2023:1286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1286
13
reference_url https://access.redhat.com/errata/RHSA-2023:2041
reference_id RHSA-2023:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2041
14
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf@3.4.10
purl pkg:maven/org.apache.cxf/cxf@3.4.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.10
1
url pkg:maven/org.apache.cxf/cxf@3.5.5
purl pkg:maven/org.apache.cxf/cxf@3.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.5.5
aliases CVE-2022-46364, GHSA-x3x3-qwjq-8gj4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzgu-3jyh-cfeg
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.10