Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.hibernate.validator/hibernate-validator@6.0.20.Final
Typemaven
Namespaceorg.hibernate.validator
Namehibernate-validator
Version6.0.20.Final
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.2.0.Final
Latest_non_vulnerable_version7.0.0.CR1
Affected_by_vulnerabilities
0
url VCID-31rj-auw9-f3en
vulnerability_id VCID-31rj-auw9-f3en
summary 
Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as of 6.2.0 and 7.0.0 no longer interpolates custom constraint violation messages with Expression Language and strongly recommends not allowing user-supplied input in constraint violation messages. CVE-2020-5245 and CVE-2025-4428 are examples of related, downstream vulnerabilities involving Expression Language intepolation of user-supplied data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
reference_id
reference_type
scores
0
value 0.01693
scoring_system epss
scoring_elements 0.82621
published_at 2026-06-07T12:55:00Z
1
value 0.01693
scoring_system epss
scoring_elements 0.82623
published_at 2026-06-06T12:55:00Z
2
value 0.01693
scoring_system epss
scoring_elements 0.82625
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
3
reference_url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
4
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
5
reference_url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
6
reference_url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
7
reference_url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
8
reference_url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
9
reference_url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
10
reference_url https://github.com/hibernate/hibernate-validator/pull/1138
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/pull/1138
11
reference_url https://hibernate.atlassian.net/browse/HV-1816
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://hibernate.atlassian.net/browse/HV-1816
12
reference_url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
13
reference_url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
14
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
15
reference_url https://www.cve.org/CVERecord?id=CVE-2020-5245
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://www.cve.org/CVERecord?id=CVE-2020-5245
16
reference_url https://www.cve.org/CVERecord?id=CVE-2025-4428
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://www.cve.org/CVERecord?id=CVE-2025-4428
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
reference_id 1107517
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
reference_id 1107518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
reference_id 2370118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
reference_id CVE-2025-35036
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
21
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
reference_id expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
22
reference_url https://github.com/advisories/GHSA-7v6m-28jr-rg84
reference_id GHSA-7v6m-28jr-rg84
reference_type
scores
url https://github.com/advisories/GHSA-7v6m-28jr-rg84
23
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10925
24
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
fixed_packages
0
url pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.CR1
purl pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.CR1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ntaj-bwx1-yqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.CR1
1
url pkg:maven/org.hibernate.validator/hibernate-validator@7.0.0.CR1
purl pkg:maven/org.hibernate.validator/hibernate-validator@7.0.0.CR1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@7.0.0.CR1
aliases CVE-2025-35036, GHSA-7v6m-28jr-rg84
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31rj-auw9-f3en
1
url VCID-ntaj-bwx1-yqfd
vulnerability_id VCID-ntaj-bwx1-yqfd
summary 
hibernate-validator Cross-site Scripting vulnerability
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or Cross-Site-Scripting (XSS) attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1932.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1932.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1932
reference_id
reference_type
scores
0
value 0.00795
scoring_system epss
scoring_elements 0.74319
published_at 2026-06-04T12:55:00Z
1
value 0.00795
scoring_system epss
scoring_elements 0.74343
published_at 2026-06-07T12:55:00Z
2
value 0.00795
scoring_system epss
scoring_elements 0.74356
published_at 2026-06-06T12:55:00Z
3
value 0.00795
scoring_system epss
scoring_elements 0.74351
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1932
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1809444
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:09:13Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1809444
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1932
4
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063540
reference_id 1063540
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063540
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_broker:7
reference_id cpe:/a:redhat:amq_broker:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_broker:7
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:a_mq_clients:2
reference_id cpe:/a:redhat:a_mq_clients:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:a_mq_clients:2
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_online:1
reference_id cpe:/a:redhat:amq_online:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_online:1
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
reference_id cpe:/a:redhat:amq_streams:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:2
reference_id cpe:/a:redhat:cryostat:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:2
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_virtualization:6
reference_id cpe:/a:redhat:jboss_data_virtualization:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_virtualization:6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_developer_studio:12.
reference_id cpe:/a:redhat:jboss_developer_studio:12.
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_developer_studio:12.
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:5
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_cd
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_cd
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_cd
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:6
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:6
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:5
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_soa_platform:5
reference_id cpe:/a:redhat:jboss_enterprise_soa_platform:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_soa_platform:5
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
reference_id cpe:/a:redhat:jboss_fuse:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
reference_id cpe:/a:redhat:jboss_fuse_service_works:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_operations_network:3
reference_id cpe:/a:redhat:jboss_operations_network:3
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_operations_network:3
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
reference_id cpe:/a:redhat:openshift_application_runtimes:1.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:10
reference_id cpe:/a:redhat:openstack:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:10
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13
reference_id cpe:/a:redhat:openstack:13
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
reference_id cpe:/a:redhat:satellite:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
33
reference_url https://access.redhat.com/security/cve/CVE-2023-1932
reference_id CVE-2023-1932
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:09:13Z/
url https://access.redhat.com/security/cve/CVE-2023-1932
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1932
reference_id CVE-2023-1932
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1932
35
reference_url https://github.com/advisories/GHSA-x83m-pf6f-pf9g
reference_id GHSA-x83m-pf6f-pf9g
reference_type
scores
url https://github.com/advisories/GHSA-x83m-pf6f-pf9g
fixed_packages
0
url pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.Final
purl pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.Final
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@6.2.0.Final
aliases CVE-2023-1932, GHSA-x83m-pf6f-pf9g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntaj-bwx1-yqfd
Fixing_vulnerabilities
0
url VCID-12uy-cu8u-jkda
vulnerability_id VCID-12uy-cu8u-jkda
summary 
Improper Input Validation in Hibernate Validator
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10693.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10693
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.2628
published_at 2026-06-07T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26228
published_at 2026-06-04T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26324
published_at 2026-06-06T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26332
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10693
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10693
4
reference_url https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E
7
reference_url https://www.ibm.com/support/pages/node/6348216
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.ibm.com/support/pages/node/6348216
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1805501
reference_id 1805501
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1805501
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988946
reference_id 988946
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988946
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10693
reference_id CVE-2020-10693
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10693
12
reference_url https://github.com/advisories/GHSA-rmrm-75hp-phr2
reference_id GHSA-rmrm-75hp-phr2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmrm-75hp-phr2
13
reference_url https://access.redhat.com/errata/RHSA-2020:3461
reference_id RHSA-2020:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3461
14
reference_url https://access.redhat.com/errata/RHSA-2020:3462
reference_id RHSA-2020:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3462
15
reference_url https://access.redhat.com/errata/RHSA-2020:3463
reference_id RHSA-2020:3463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3463
16
reference_url https://access.redhat.com/errata/RHSA-2020:3464
reference_id RHSA-2020:3464
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3464
17
reference_url https://access.redhat.com/errata/RHSA-2020:3501
reference_id RHSA-2020:3501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3501
18
reference_url https://access.redhat.com/errata/RHSA-2020:3539
reference_id RHSA-2020:3539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3539
19
reference_url https://access.redhat.com/errata/RHSA-2020:3637
reference_id RHSA-2020:3637
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3637
20
reference_url https://access.redhat.com/errata/RHSA-2020:3638
reference_id RHSA-2020:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3638
21
reference_url https://access.redhat.com/errata/RHSA-2020:3639
reference_id RHSA-2020:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3639
22
reference_url https://access.redhat.com/errata/RHSA-2020:3642
reference_id RHSA-2020:3642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3642
23
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
24
reference_url https://access.redhat.com/errata/RHSA-2020:4252
reference_id RHSA-2020:4252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4252
25
reference_url https://access.redhat.com/errata/RHSA-2020:4366
reference_id RHSA-2020:4366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4366
26
reference_url https://access.redhat.com/errata/RHSA-2020:4960
reference_id RHSA-2020:4960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4960
27
reference_url https://access.redhat.com/errata/RHSA-2020:4961
reference_id RHSA-2020:4961
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4961
28
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.hibernate.validator/hibernate-validator@6.0.20.Final
purl pkg:maven/org.hibernate.validator/hibernate-validator@6.0.20.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31rj-auw9-f3en
1
vulnerability VCID-ntaj-bwx1-yqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@6.0.20.Final
1
url pkg:maven/org.hibernate.validator/hibernate-validator@6.1.5.Final
purl pkg:maven/org.hibernate.validator/hibernate-validator@6.1.5.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31rj-auw9-f3en
1
vulnerability VCID-ntaj-bwx1-yqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@6.1.5.Final
aliases CVE-2020-10693, GHSA-rmrm-75hp-phr2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12uy-cu8u-jkda
Risk_score3.3
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.hibernate.validator/hibernate-validator@6.0.20.Final