Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/jsoup@1.14.2-1?distro=trixie

Type deb

Namespace debian

Name jsoup

Version 1.14.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.15.3-1

Latest_non_vulnerable_version 1.15.3-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4rxk-nhwr-ffad

vulnerability_id VCID-4rxk-nhwr-ffad

summary

Uncaught Exception
jsoup is a Java library for working with HTML. Those using jsoup to parse untrusted HTML or XML may be vulnerable to DoS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37714.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37714.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-37714

reference_id

reference_type

scores

value	0.04351
scoring_system	epss
scoring_elements	0.88958
published_at	2026-04-18T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.8896
published_at	2026-04-16T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88947
published_at	2026-04-13T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88948
published_at	2026-04-12T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88954
published_at	2026-04-21T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88893
published_at	2026-04-01T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88942
published_at	2026-04-09T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88937
published_at	2026-04-08T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88919
published_at	2026-04-07T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88917
published_at	2026-04-04T12:55:00Z

value	0.04351
scoring_system	epss
scoring_elements	0.88901
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-37714

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/jhy/jsoup

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jhy/jsoup

reference_url

https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c

reference_url

https://jsoup.org/news/release-1.14.1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jsoup.org/news/release-1.14.1

reference_url

https://jsoup.org/news/release-1.14.2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jsoup.org/news/release-1.14.2

reference_url

https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20220210-0022

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220210-0022

reference_url	https://security.netapp.com/advisory/ntap-20220210-0022/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220210-0022/

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1995259
reference_id	1995259
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1995259

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992590
reference_id	992590
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992590

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-37714

reference_id

CVE-2021-37714

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-37714

reference_url

https://github.com/advisories/GHSA-m72m-mhq2-9p6c

reference_id

GHSA-m72m-mhq2-9p6c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m72m-mhq2-9p6c

reference_url	https://access.redhat.com/errata/RHSA-2021:4676
reference_id	RHSA-2021:4676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4676

reference_url	https://access.redhat.com/errata/RHSA-2021:4677
reference_id	RHSA-2021:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4677

reference_url	https://access.redhat.com/errata/RHSA-2021:4679
reference_id	RHSA-2021:4679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4679

reference_url	https://access.redhat.com/errata/RHSA-2021:5134
reference_id	RHSA-2021:5134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5134

reference_url	https://access.redhat.com/errata/RHSA-2021:5149
reference_id	RHSA-2021:5149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5149

reference_url	https://access.redhat.com/errata/RHSA-2021:5150
reference_id	RHSA-2021:5150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5150

reference_url	https://access.redhat.com/errata/RHSA-2021:5151
reference_id	RHSA-2021:5151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5151

reference_url	https://access.redhat.com/errata/RHSA-2021:5154
reference_id	RHSA-2021:5154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5154

reference_url	https://access.redhat.com/errata/RHSA-2021:5170
reference_id	RHSA-2021:5170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5170

reference_url	https://access.redhat.com/errata/RHSA-2022:0146
reference_id	RHSA-2022:0146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0146

reference_url	https://access.redhat.com/errata/RHSA-2022:0589
reference_id	RHSA-2022:0589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0589

reference_url	https://access.redhat.com/errata/RHSA-2022:5606
reference_id	RHSA-2022:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5606

reference_url	https://access.redhat.com/errata/RHSA-2022:5903
reference_id	RHSA-2022:5903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5903

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

fixed_packages

url	pkg:deb/debian/jsoup@1.14.2-1?distro=trixie
purl	pkg:deb/debian/jsoup@1.14.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jsoup@1.14.2-1%3Fdistro=trixie

url	pkg:deb/debian/jsoup@1.15.3-1?distro=trixie
purl	pkg:deb/debian/jsoup@1.15.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jsoup@1.15.3-1%3Fdistro=trixie

aliases CVE-2021-37714, GHSA-m72m-mhq2-9p6c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4rxk-nhwr-ffad

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jsoup@1.14.2-1%3Fdistro=trixie

Package Instance