Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libspring-java@3.0.6.RELEASE-11?distro=trixie
Typedeb
Namespacedebian
Namelibspring-java
Version3.0.6.RELEASE-11
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.6.RELEASE-13
Latest_non_vulnerable_version4.3.30-4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-asmf-3c71-gqcb
vulnerability_id VCID-asmf-3c71-gqcb
summary The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6430.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6430
reference_id
reference_type
scores
0
value 0.00315
scoring_system epss
scoring_elements 0.54513
published_at 2026-04-01T12:55:00Z
1
value 0.00315
scoring_system epss
scoring_elements 0.54616
published_at 2026-04-21T12:55:00Z
2
value 0.00315
scoring_system epss
scoring_elements 0.54637
published_at 2026-04-18T12:55:00Z
3
value 0.00315
scoring_system epss
scoring_elements 0.54635
published_at 2026-04-16T12:55:00Z
4
value 0.00315
scoring_system epss
scoring_elements 0.54597
published_at 2026-04-13T12:55:00Z
5
value 0.00315
scoring_system epss
scoring_elements 0.54619
published_at 2026-04-12T12:55:00Z
6
value 0.00315
scoring_system epss
scoring_elements 0.54636
published_at 2026-04-11T12:55:00Z
7
value 0.00315
scoring_system epss
scoring_elements 0.54623
published_at 2026-04-09T12:55:00Z
8
value 0.00315
scoring_system epss
scoring_elements 0.54628
published_at 2026-04-08T12:55:00Z
9
value 0.00315
scoring_system epss
scoring_elements 0.54577
published_at 2026-04-07T12:55:00Z
10
value 0.00315
scoring_system epss
scoring_elements 0.54607
published_at 2026-04-04T12:55:00Z
11
value 0.00315
scoring_system epss
scoring_elements 0.54583
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6430
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
4
reference_url https://github.com/spring-projects/spring-framework
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework
5
reference_url https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248
6
reference_url https://github.com/spring-projects/spring-framework/commit/9982b4c01a8c7be0961e58b58ed83731c40449ff
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/9982b4c01a8c7be0961e58b58ed83731c40449ff
7
reference_url https://github.com/spring-projects/spring-framework/commit/f5c9fe69a444607af667911bd4c5074b5b073e7b
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/f5c9fe69a444607af667911bd4c5074b5b073e7b
8
reference_url https://github.com/spring-projects/spring-framework/issues/14617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/issues/14617
9
reference_url https://jira.spring.io/browse/SPR-9983?redirect=false
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-9983?redirect=false
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1039783
reference_id 1039783
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1039783
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
reference_id 735420
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
12
reference_url https://bugzilla.redhat.com/CVE-2013-6430
reference_id CVE-2013-6430
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6430
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6430
reference_id CVE-2013-6430
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6430
14
reference_url https://spring.io/security/cve-2013-6430
reference_id CVE-2013-6430
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://spring.io/security/cve-2013-6430
15
reference_url http://www.gopivotal.com/security/cve-2013-6430
reference_id CVE-2013-6430
reference_type
scores
url http://www.gopivotal.com/security/cve-2013-6430
16
reference_url https://github.com/advisories/GHSA-xjrf-8x4f-43h4
reference_id GHSA-xjrf-8x4f-43h4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xjrf-8x4f-43h4
17
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
18
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
fixed_packages
0
url pkg:deb/debian/libspring-java@3.0.6.RELEASE-11?distro=trixie
purl pkg:deb/debian/libspring-java@3.0.6.RELEASE-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@3.0.6.RELEASE-11%3Fdistro=trixie
1
url pkg:deb/debian/libspring-java@4.3.30-1?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-1%3Fdistro=trixie
2
url pkg:deb/debian/libspring-java@4.3.30-2?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-2%3Fdistro=trixie
3
url pkg:deb/debian/libspring-java@4.3.30-3?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-3%3Fdistro=trixie
4
url pkg:deb/debian/libspring-java@4.3.30-4?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-4%3Fdistro=trixie
aliases CVE-2013-6430, GHSA-xjrf-8x4f-43h4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asmf-3c71-gqcb
1
url VCID-mvx7-2y3s-fbbb
vulnerability_id VCID-mvx7-2y3s-fbbb
summary The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0400.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0400.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6429.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6429.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6429
reference_id
reference_type
scores
0
value 0.38725
scoring_system epss
scoring_elements 0.97267
published_at 2026-04-21T12:55:00Z
1
value 0.38725
scoring_system epss
scoring_elements 0.97241
published_at 2026-04-07T12:55:00Z
2
value 0.38725
scoring_system epss
scoring_elements 0.97248
published_at 2026-04-08T12:55:00Z
3
value 0.38725
scoring_system epss
scoring_elements 0.97249
published_at 2026-04-09T12:55:00Z
4
value 0.38725
scoring_system epss
scoring_elements 0.97252
published_at 2026-04-11T12:55:00Z
5
value 0.38725
scoring_system epss
scoring_elements 0.97253
published_at 2026-04-12T12:55:00Z
6
value 0.38725
scoring_system epss
scoring_elements 0.97254
published_at 2026-04-13T12:55:00Z
7
value 0.38725
scoring_system epss
scoring_elements 0.97262
published_at 2026-04-16T12:55:00Z
8
value 0.38725
scoring_system epss
scoring_elements 0.97264
published_at 2026-04-18T12:55:00Z
9
value 0.38725
scoring_system epss
scoring_elements 0.97229
published_at 2026-04-01T12:55:00Z
10
value 0.38725
scoring_system epss
scoring_elements 0.97235
published_at 2026-04-02T12:55:00Z
11
value 0.38725
scoring_system epss
scoring_elements 0.9724
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6429
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430
5
reference_url http://secunia.com/advisories/57915
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57915
6
reference_url https://github.com/spring-projects/spring-framework/commit/2ae6a6a3415eebc57babcb9d3e5505887eda6d8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/2ae6a6a3415eebc57babcb9d3e5505887eda6d8
7
reference_url https://github.com/spring-projects/spring-framework/commit/7387cb990e35b0f1b573faf29d4f9ae183d7a5e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/7387cb990e35b0f1b573faf29d4f9ae183d7a5e
8
reference_url https://github.com/spring-projects/spring-framework/issues/15704
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/issues/15704
9
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
10
reference_url https://jira.spring.io/browse/SPR-11078?redirect=false
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jira.spring.io/browse/SPR-11078?redirect=false
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6429
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6429
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1053290
reference_id 1053290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1053290
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
reference_id 735420
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735420
14
reference_url https://bugzilla.redhat.com/CVE-2013-6429
reference_id CVE-2013-6429
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6429
15
reference_url http://www.gopivotal.com/security/cve-2013-6429
reference_id CVE-2013-6429
reference_type
scores
url http://www.gopivotal.com/security/cve-2013-6429
16
reference_url https://github.com/advisories/GHSA-g6hf-f9cq-q7w7
reference_id GHSA-g6hf-f9cq-q7w7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g6hf-f9cq-q7w7
17
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
18
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
fixed_packages
0
url pkg:deb/debian/libspring-java@3.0.6.RELEASE-11?distro=trixie
purl pkg:deb/debian/libspring-java@3.0.6.RELEASE-11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@3.0.6.RELEASE-11%3Fdistro=trixie
1
url pkg:deb/debian/libspring-java@4.3.30-1?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-1%3Fdistro=trixie
2
url pkg:deb/debian/libspring-java@4.3.30-2?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-2%3Fdistro=trixie
3
url pkg:deb/debian/libspring-java@4.3.30-3?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-3%3Fdistro=trixie
4
url pkg:deb/debian/libspring-java@4.3.30-4?distro=trixie
purl pkg:deb/debian/libspring-java@4.3.30-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@4.3.30-4%3Fdistro=trixie
aliases CVE-2013-6429, GHSA-g6hf-f9cq-q7w7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvx7-2y3s-fbbb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libspring-java@3.0.6.RELEASE-11%3Fdistro=trixie