Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap8-elytron-web@4.0.1-1.Final_redhat_00001.1?arch=el8eap
Typerpm
Namespaceredhat
Nameeap8-elytron-web
Version4.0.1-1.Final_redhat_00001.1
Qualifiers
arch el8eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-9p6a-t8zz-jkfd
vulnerability_id VCID-9p6a-t8zz-jkfd
summary 
WildFly Elytron: SSRF security issue
A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:3559
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3559
1
reference_url https://access.redhat.com/errata/RHSA-2024:3560
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3560
2
reference_url https://access.redhat.com/errata/RHSA-2024:3561
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3561
3
reference_url https://access.redhat.com/errata/RHSA-2024:3563
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3563
4
reference_url https://access.redhat.com/errata/RHSA-2024:3580
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3580
5
reference_url https://access.redhat.com/errata/RHSA-2024:3581
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3581
6
reference_url https://access.redhat.com/errata/RHSA-2024:3583
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3583
7
reference_url https://access.redhat.com/errata/RHSA-2025:9582
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9582
8
reference_url https://access.redhat.com/errata/RHSA-2025:9583
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9583
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
10
reference_url https://access.redhat.com/security/cve/CVE-2024-1233
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/security/cve/CVE-2024-1233
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39229
published_at 2026-04-21T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39327
published_at 2026-04-02T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39351
published_at 2026-04-04T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39265
published_at 2026-04-07T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.3932
published_at 2026-04-08T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39336
published_at 2026-04-09T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39348
published_at 2026-04-11T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39309
published_at 2026-04-12T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.39291
published_at 2026-04-13T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39343
published_at 2026-04-16T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.39316
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
13
reference_url https://github.com/wildfly-security/wildfly-elytron
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly-security/wildfly-elytron
14
reference_url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
15
reference_url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
16
reference_url https://issues.redhat.com/browse/WFLY-19226
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://issues.redhat.com/browse/WFLY-19226
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
28
reference_url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
reference_id GHSA-v4mm-q8fv-r2w5
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
fixed_packages
aliases CVE-2024-1233, GHSA-v4mm-q8fv-r2w5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9p6a-t8zz-jkfd
1
url VCID-etqf-v4yp-4fdu
vulnerability_id VCID-etqf-v4yp-4fdu
summary 
WildFly Elytron: OIDC app attempting to access the second tenant, the user should be prompted to log
A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if a cached token should be used or not. This logic needs to be updated to take into account the new "provider-url" option in addition to the "realm" option.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:3580
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-31T17:54:51Z/
url https://access.redhat.com/errata/RHSA-2024:3580
1
reference_url https://access.redhat.com/errata/RHSA-2024:3581
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-31T17:54:51Z/
url https://access.redhat.com/errata/RHSA-2024:3581
2
reference_url https://access.redhat.com/errata/RHSA-2024:3583
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-31T17:54:51Z/
url https://access.redhat.com/errata/RHSA-2024:3583
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6236.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6236.json
4
reference_url https://access.redhat.com/security/cve/CVE-2023-6236
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-31T17:54:51Z/
url https://access.redhat.com/security/cve/CVE-2023-6236
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6236
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19202
published_at 2026-04-09T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19066
published_at 2026-04-16T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19107
published_at 2026-04-13T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19162
published_at 2026-04-12T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19208
published_at 2026-04-11T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19299
published_at 2026-04-02T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19352
published_at 2026-04-04T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19068
published_at 2026-04-07T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19148
published_at 2026-04-08T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19725
published_at 2026-04-21T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19712
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6236
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2250812
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-31T17:54:51Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2250812
7
reference_url https://github.com/wildfly-security/wildfly-elytron
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly-security/wildfly-elytron
8
reference_url https://github.com/wildfly-security/wildfly-elytron/commit/6e94ec3476a279c0a130186209c50a2991ba4c84
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly-security/wildfly-elytron/commit/6e94ec3476a279c0a130186209c50a2991ba4c84
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6236
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6236
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
15
reference_url https://github.com/advisories/GHSA-jpmx-996v-48fm
reference_id GHSA-jpmx-996v-48fm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpmx-996v-48fm
fixed_packages
aliases CVE-2023-6236, GHSA-jpmx-996v-48fm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-etqf-v4yp-4fdu
2
url VCID-vf46-vrr9-k7c6
vulnerability_id VCID-vf46-vrr9-k7c6
summary eap-galleon: custom provisioning creates unsecured http-invoker
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4503.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4503.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4503
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.40908
published_at 2026-04-21T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.40992
published_at 2026-04-02T12:55:00Z
2
value 0.00191
scoring_system epss
scoring_elements 0.41015
published_at 2026-04-16T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.40986
published_at 2026-04-18T12:55:00Z
4
value 0.00191
scoring_system epss
scoring_elements 0.41024
published_at 2026-04-04T12:55:00Z
5
value 0.00191
scoring_system epss
scoring_elements 0.4095
published_at 2026-04-07T12:55:00Z
6
value 0.00191
scoring_system epss
scoring_elements 0.40999
published_at 2026-04-08T12:55:00Z
7
value 0.00191
scoring_system epss
scoring_elements 0.41007
published_at 2026-04-09T12:55:00Z
8
value 0.00191
scoring_system epss
scoring_elements 0.41025
published_at 2026-04-11T12:55:00Z
9
value 0.00191
scoring_system epss
scoring_elements 0.4099
published_at 2026-04-12T12:55:00Z
10
value 0.00191
scoring_system epss
scoring_elements 0.40974
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4503
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2184751
reference_id 2184751
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-07T15:53:22Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2184751
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
8
reference_url https://access.redhat.com/security/cve/CVE-2023-4503
reference_id CVE-2023-4503
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-07T15:53:22Z/
url https://access.redhat.com/security/cve/CVE-2023-4503
fixed_packages
aliases CVE-2023-4503
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vf46-vrr9-k7c6
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-elytron-web@4.0.1-1.Final_redhat_00001.1%3Farch=el8eap