Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final

Type maven

Namespace org.jboss.resteasy

Name resteasy-core

Version 5.0.6.Final

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.2.3.Final

Latest_non_vulnerable_version 6.2.3.Final

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-ka7b-vp4z-d7bu

vulnerability_id VCID-ka7b-vp4z-d7bu

summary

Insecure Temporary File in RESTEasy
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.16037
published_at	2026-06-05T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15953
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482

reference_url

https://github.com/orgs/resteasy/discussions/3415

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3415

reference_url

https://github.com/orgs/resteasy/discussions/3504

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3504

reference_url

https://github.com/orgs/resteasy/discussions/3506

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3506

reference_url

https://github.com/resteasy/resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/resteasy/pull/3409

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3409

reference_url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_url

https://github.com/resteasy/resteasy/pull/3410

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3410

reference_url

https://github.com/resteasy/resteasy/pull/3412

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3412

reference_url

https://github.com/resteasy/resteasy/pull/3413

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3413

reference_url

https://github.com/resteasy/resteasy/pull/3423

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3423

reference_url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_url

https://issues.redhat.com/browse/RESTEASY-3286

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-3286

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728
reference_id	1031728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729
reference_id	1031729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_id

2166004

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_id

CVE-2023-0482

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_url	https://github.com/advisories/GHSA-jrmh-v64j-mjm9
reference_id	GHSA-jrmh-v64j-mjm9
reference_type
scores
url	https://github.com/advisories/GHSA-jrmh-v64j-mjm9

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_id

ntap-20230427-0001

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3185
reference_id	RHSA-2023:3185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3185

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

reference_url	https://access.redhat.com/errata/RHSA-2023:5165
reference_id	RHSA-2023:5165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5165

reference_url	https://access.redhat.com/errata/RHSA-2023:6305
reference_id	RHSA-2023:6305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6305

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url	pkg:maven/org.jboss.resteasy/resteasy-core@3.15.5.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@3.15.5.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@3.15.5.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final

aliases CVE-2023-0482, GHSA-2c6g-pfx3-w7h8, GHSA-jrmh-v64j-mjm9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ka7b-vp4z-d7bu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final

Package Instance