Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final
Typemaven
Namespaceorg.wildfly
Namewildfly-undertow
Version11.0.0.Final
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version12.0.0.Final
Latest_non_vulnerable_version12.0.0.Final
Affected_by_vulnerabilities
0
url VCID-zku3-qq4e-7fes
vulnerability_id VCID-zku3-qq4e-7fes
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:1247
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1247
1
reference_url https://access.redhat.com/errata/RHSA-2018:1248
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1248
2
reference_url https://access.redhat.com/errata/RHSA-2018:1249
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1249
3
reference_url https://access.redhat.com/errata/RHSA-2018:1251
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1251
4
reference_url https://access.redhat.com/errata/RHSA-2018:2938
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2938
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1047.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1047.json
6
reference_url https://access.redhat.com/security/cve/CVE-2018-1047
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2018-1047
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1047
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.39129
published_at 2026-04-18T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.38809
published_at 2026-04-26T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.39149
published_at 2026-04-09T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.39161
published_at 2026-04-11T12:55:00Z
4
value 0.00176
scoring_system epss
scoring_elements 0.39124
published_at 2026-04-12T12:55:00Z
5
value 0.00176
scoring_system epss
scoring_elements 0.39105
published_at 2026-04-13T12:55:00Z
6
value 0.00176
scoring_system epss
scoring_elements 0.3916
published_at 2026-04-16T12:55:00Z
7
value 0.00176
scoring_system epss
scoring_elements 0.38832
published_at 2026-04-24T12:55:00Z
8
value 0.00176
scoring_system epss
scoring_elements 0.39041
published_at 2026-04-21T12:55:00Z
9
value 0.00176
scoring_system epss
scoring_elements 0.38951
published_at 2026-04-01T12:55:00Z
10
value 0.00176
scoring_system epss
scoring_elements 0.39137
published_at 2026-04-02T12:55:00Z
11
value 0.00176
scoring_system epss
scoring_elements 0.39159
published_at 2026-04-04T12:55:00Z
12
value 0.00176
scoring_system epss
scoring_elements 0.39078
published_at 2026-04-07T12:55:00Z
13
value 0.00176
scoring_system epss
scoring_elements 0.39133
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1047
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1528361
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1528361
9
reference_url https://issues.jboss.org/browse/WFLY-9620
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/WFLY-9620
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1047
reference_id CVE-2018-1047
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1047
11
reference_url https://github.com/advisories/GHSA-fmr4-w67p-vh8x
reference_id GHSA-fmr4-w67p-vh8x
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fmr4-w67p-vh8x
fixed_packages
0
url pkg:maven/org.wildfly/wildfly-undertow@12.0.0.Final
purl pkg:maven/org.wildfly/wildfly-undertow@12.0.0.Final
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly/wildfly-undertow@12.0.0.Final
1
url pkg:maven/org.wildfly/wildfly-undertow@12.0.0
purl pkg:maven/org.wildfly/wildfly-undertow@12.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly/wildfly-undertow@12.0.0
aliases CVE-2018-1047, GHSA-fmr4-w67p-vh8x
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zku3-qq4e-7fes
Fixing_vulnerabilities
0
url VCID-ay2f-3xcv-dqdc
vulnerability_id VCID-ay2f-3xcv-dqdc
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers
CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1838.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1838.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1839.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1839.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1840.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1840.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1841.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1841.html
4
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
5
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
6
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
7
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
reference_id
reference_type
scores
0
value 0.01476
scoring_system epss
scoring_elements 0.81031
published_at 2026-04-26T12:55:00Z
1
value 0.01476
scoring_system epss
scoring_elements 0.80932
published_at 2026-04-07T12:55:00Z
2
value 0.01476
scoring_system epss
scoring_elements 0.8096
published_at 2026-04-08T12:55:00Z
3
value 0.01476
scoring_system epss
scoring_elements 0.80967
published_at 2026-04-09T12:55:00Z
4
value 0.01476
scoring_system epss
scoring_elements 0.80984
published_at 2026-04-11T12:55:00Z
5
value 0.01476
scoring_system epss
scoring_elements 0.8097
published_at 2026-04-12T12:55:00Z
6
value 0.01476
scoring_system epss
scoring_elements 0.80962
published_at 2026-04-13T12:55:00Z
7
value 0.01476
scoring_system epss
scoring_elements 0.80999
published_at 2026-04-16T12:55:00Z
8
value 0.01476
scoring_system epss
scoring_elements 0.81
published_at 2026-04-21T12:55:00Z
9
value 0.01476
scoring_system epss
scoring_elements 0.81022
published_at 2026-04-24T12:55:00Z
10
value 0.01476
scoring_system epss
scoring_elements 0.80904
published_at 2026-04-01T12:55:00Z
11
value 0.01476
scoring_system epss
scoring_elements 0.80913
published_at 2026-04-02T12:55:00Z
12
value 0.01476
scoring_system epss
scoring_elements 0.80935
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
11
reference_url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
12
reference_url https://issues.redhat.com/browse/UNDERTOW-827
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-827
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
14
reference_url https://access.redhat.com/security/cve/CVE-2016-4993
reference_id CVE-2016-4993
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2016-4993
15
reference_url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
reference_id GHSA-qcqr-hcjq-whfq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
16
reference_url https://access.redhat.com/errata/RHSA-2016:1838
reference_id RHSA-2016:1838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1838
17
reference_url https://access.redhat.com/errata/RHSA-2016:1839
reference_id RHSA-2016:1839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1839
18
reference_url https://access.redhat.com/errata/RHSA-2016:1840
reference_id RHSA-2016:1840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1840
19
reference_url https://access.redhat.com/errata/RHSA-2016:1841
reference_id RHSA-2016:1841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1841
fixed_packages
0
url pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Alpha1
purl pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tzmu-y1p4-8bac
1
vulnerability VCID-zku3-qq4e-7fes
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Alpha1
1
url pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final
purl pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zku3-qq4e-7fes
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final
aliases CVE-2016-4993, GHSA-qcqr-hcjq-whfq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay2f-3xcv-dqdc
Risk_score3.9
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final