Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.3.1-1.Final_redhat_00002.1?arch=el8eap
Typerpm
Namespaceredhat
Nameeap7-log4j-jboss-logmanager
Version1.3.1-1.Final_redhat_00002.1
Qualifiers
arch el8eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2e6w-fs4j-17g9
vulnerability_id VCID-2e6w-fs4j-17g9
summary HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27316
reference_id
reference_type
scores
0
value 0.89409
scoring_system epss
scoring_elements 0.99552
published_at 2026-04-29T12:55:00Z
1
value 0.89409
scoring_system epss
scoring_elements 0.99542
published_at 2026-04-02T12:55:00Z
2
value 0.89409
scoring_system epss
scoring_elements 0.99543
published_at 2026-04-04T12:55:00Z
3
value 0.89409
scoring_system epss
scoring_elements 0.99545
published_at 2026-04-11T12:55:00Z
4
value 0.89409
scoring_system epss
scoring_elements 0.99546
published_at 2026-04-13T12:55:00Z
5
value 0.89409
scoring_system epss
scoring_elements 0.99549
published_at 2026-04-26T12:55:00Z
6
value 0.89409
scoring_system epss
scoring_elements 0.9955
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27316
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
reference_id 1068412
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
10
reference_url https://www.openwall.com/lists/oss-security/2024/04/03/16
reference_id 16
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/
url https://www.openwall.com/lists/oss-security/2024/04/03/16
11
reference_url http://seclists.org/fulldisclosure/2024/Jul/18
reference_id 18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/
url http://seclists.org/fulldisclosure/2024/Jul/18
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2268277
reference_id 2268277
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2268277
13
reference_url http://www.openwall.com/lists/oss-security/2024/04/04/4
reference_id 4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/
url http://www.openwall.com/lists/oss-security/2024/04/04/4
14
reference_url https://httpd.apache.org/security/json/CVE-2024-27316.json
reference_id CVE-2024-27316
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-27316.json
15
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
16
reference_url https://support.apple.com/kb/HT214119
reference_id HT214119
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/
url https://support.apple.com/kb/HT214119
17
reference_url https://access.redhat.com/errata/RHSA-2024:1786
reference_id RHSA-2024:1786
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1786
18
reference_url https://access.redhat.com/errata/RHSA-2024:1872
reference_id RHSA-2024:1872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1872
19
reference_url https://access.redhat.com/errata/RHSA-2024:2564
reference_id RHSA-2024:2564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2564
20
reference_url https://access.redhat.com/errata/RHSA-2024:2693
reference_id RHSA-2024:2693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2693
21
reference_url https://access.redhat.com/errata/RHSA-2024:2694
reference_id RHSA-2024:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2694
22
reference_url https://access.redhat.com/errata/RHSA-2024:2891
reference_id RHSA-2024:2891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2891
23
reference_url https://access.redhat.com/errata/RHSA-2024:2907
reference_id RHSA-2024:2907
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2907
24
reference_url https://access.redhat.com/errata/RHSA-2024:3402
reference_id RHSA-2024:3402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3402
25
reference_url https://access.redhat.com/errata/RHSA-2024:3417
reference_id RHSA-2024:3417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3417
26
reference_url https://access.redhat.com/errata/RHSA-2024:4390
reference_id RHSA-2024:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4390
27
reference_url https://access.redhat.com/errata/RHSA-2025:16668
reference_id RHSA-2025:16668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16668
28
reference_url https://usn.ubuntu.com/6729-1/
reference_id USN-6729-1
reference_type
scores
url https://usn.ubuntu.com/6729-1/
29
reference_url https://usn.ubuntu.com/6729-2/
reference_id USN-6729-2
reference_type
scores
url https://usn.ubuntu.com/6729-2/
30
reference_url https://usn.ubuntu.com/6729-3/
reference_id USN-6729-3
reference_type
scores
url https://usn.ubuntu.com/6729-3/
fixed_packages
aliases CVE-2024-27316
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2e6w-fs4j-17g9
1
url VCID-d5x5-hcjh-efcr
vulnerability_id VCID-d5x5-hcjh-efcr
summary 
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22412
published_at 2026-04-29T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.22414
published_at 2026-04-26T12:55:00Z
2
value 0.00075
scoring_system epss
scoring_elements 0.2263
published_at 2026-04-16T12:55:00Z
3
value 0.00075
scoring_system epss
scoring_elements 0.22424
published_at 2026-04-24T12:55:00Z
4
value 0.00075
scoring_system epss
scoring_elements 0.22579
published_at 2026-04-21T12:55:00Z
5
value 0.00075
scoring_system epss
scoring_elements 0.22713
published_at 2026-04-11T12:55:00Z
6
value 0.00075
scoring_system epss
scoring_elements 0.22673
published_at 2026-04-12T12:55:00Z
7
value 0.00075
scoring_system epss
scoring_elements 0.22615
published_at 2026-04-13T12:55:00Z
8
value 0.00075
scoring_system epss
scoring_elements 0.22627
published_at 2026-04-18T12:55:00Z
9
value 0.00077
scoring_system epss
scoring_elements 0.23136
published_at 2026-04-02T12:55:00Z
10
value 0.00077
scoring_system epss
scoring_elements 0.2318
published_at 2026-04-04T12:55:00Z
11
value 0.00077
scoring_system epss
scoring_elements 0.2297
published_at 2026-04-07T12:55:00Z
12
value 0.00077
scoring_system epss
scoring_elements 0.23043
published_at 2026-04-08T12:55:00Z
13
value 0.00077
scoring_system epss
scoring_elements 0.23096
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
5
reference_url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
6
reference_url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
7
reference_url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
10
reference_url https://security.netapp.com/advisory/ntap-20240614-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0007
11
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://www.bouncycastle.org/latest_releases.html
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
reference_id 2293025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
14
reference_url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
reference_id GHSA-m44j-cfrm-g8qc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0007/
reference_id ntap-20240614-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://security.netapp.com/advisory/ntap-20240614-0007/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
17
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
18
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
19
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
20
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
21
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
22
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
aliases CVE-2024-30172, GHSA-m44j-cfrm-g8qc
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5x5-hcjh-efcr
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.3.1-1.Final_redhat_00002.1%3Farch=el8eap