Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-36.Final_redhat_00035.1?arch=el8eap
Typerpm
Namespaceredhat
Nameeap7-jboss-server-migration
Version1.10.0-36.Final_redhat_00035.1
Qualifiers
arch el8eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-9p6a-t8zz-jkfd
vulnerability_id VCID-9p6a-t8zz-jkfd
summary 
WildFly Elytron: SSRF security issue
A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:3559
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3559
1
reference_url https://access.redhat.com/errata/RHSA-2024:3560
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3560
2
reference_url https://access.redhat.com/errata/RHSA-2024:3561
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3561
3
reference_url https://access.redhat.com/errata/RHSA-2024:3563
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3563
4
reference_url https://access.redhat.com/errata/RHSA-2024:3580
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3580
5
reference_url https://access.redhat.com/errata/RHSA-2024:3581
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3581
6
reference_url https://access.redhat.com/errata/RHSA-2024:3583
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3583
7
reference_url https://access.redhat.com/errata/RHSA-2025:9582
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9582
8
reference_url https://access.redhat.com/errata/RHSA-2025:9583
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9583
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
10
reference_url https://access.redhat.com/security/cve/CVE-2024-1233
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/security/cve/CVE-2024-1233
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39351
published_at 2026-04-04T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39327
published_at 2026-04-02T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39316
published_at 2026-04-18T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39343
published_at 2026-04-16T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39291
published_at 2026-04-13T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39309
published_at 2026-04-12T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39348
published_at 2026-04-11T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39336
published_at 2026-04-09T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.3932
published_at 2026-04-08T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39265
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
13
reference_url https://github.com/wildfly-security/wildfly-elytron
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly-security/wildfly-elytron
14
reference_url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
15
reference_url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
16
reference_url https://issues.redhat.com/browse/WFLY-19226
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://issues.redhat.com/browse/WFLY-19226
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
28
reference_url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
reference_id GHSA-v4mm-q8fv-r2w5
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
fixed_packages
aliases CVE-2024-1233, GHSA-v4mm-q8fv-r2w5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9p6a-t8zz-jkfd
1
url VCID-efw6-swgm-4fbc
vulnerability_id VCID-efw6-swgm-4fbc
summary 
SSRF vulnerability using the Aegis DataBinding in Apache CXF
A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28752.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-28752
reference_id
reference_type
scores
0
value 0.0059
scoring_system epss
scoring_elements 0.69148
published_at 2026-04-02T12:55:00Z
1
value 0.00799
scoring_system epss
scoring_elements 0.74016
published_at 2026-04-04T12:55:00Z
2
value 0.55152
scoring_system epss
scoring_elements 0.98061
published_at 2026-04-11T12:55:00Z
3
value 0.55152
scoring_system epss
scoring_elements 0.98052
published_at 2026-04-07T12:55:00Z
4
value 0.55152
scoring_system epss
scoring_elements 0.98056
published_at 2026-04-08T12:55:00Z
5
value 0.55152
scoring_system epss
scoring_elements 0.98057
published_at 2026-04-09T12:55:00Z
6
value 0.55152
scoring_system epss
scoring_elements 0.98062
published_at 2026-04-13T12:55:00Z
7
value 0.57136
scoring_system epss
scoring_elements 0.98152
published_at 2026-04-16T12:55:00Z
8
value 0.57136
scoring_system epss
scoring_elements 0.98154
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-28752
2
reference_url https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt
3
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
4
reference_url https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-28752
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-28752
6
reference_url https://security.netapp.com/advisory/ntap-20240517-0001
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240517-0001
7
reference_url http://www.openwall.com/lists/oss-security/2024/03/14/3
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url http://www.openwall.com/lists/oss-security/2024/03/14/3
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270732
reference_id 2270732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270732
9
reference_url https://github.com/advisories/GHSA-qmgx-j96g-4428
reference_id GHSA-qmgx-j96g-4428
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qmgx-j96g-4428
10
reference_url https://security.netapp.com/advisory/ntap-20240517-0001/
reference_id ntap-20240517-0001
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url https://security.netapp.com/advisory/ntap-20240517-0001/
11
reference_url https://access.redhat.com/errata/RHSA-2024:2834
reference_id RHSA-2024:2834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2834
12
reference_url https://access.redhat.com/errata/RHSA-2024:2852
reference_id RHSA-2024:2852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2852
13
reference_url https://access.redhat.com/errata/RHSA-2024:3708
reference_id RHSA-2024:3708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3708
14
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
15
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
16
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
17
reference_url https://access.redhat.com/errata/RHSA-2024:8339
reference_id RHSA-2024:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8339
fixed_packages
aliases CVE-2024-28752, GHSA-qmgx-j96g-4428
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efw6-swgm-4fbc
2
url VCID-qxnr-wjq5-e7aj
vulnerability_id VCID-qxnr-wjq5-e7aj
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
This affects the package datatables.net If an array is passed to the HTML escape entities function it would not have its contents escaped.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23445.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23445.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23445
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59482
published_at 2026-04-18T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.59475
published_at 2026-04-16T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.59404
published_at 2026-04-02T12:55:00Z
3
value 0.00379
scoring_system epss
scoring_elements 0.59442
published_at 2026-04-13T12:55:00Z
4
value 0.00379
scoring_system epss
scoring_elements 0.59461
published_at 2026-04-12T12:55:00Z
5
value 0.00379
scoring_system epss
scoring_elements 0.59477
published_at 2026-04-11T12:55:00Z
6
value 0.00379
scoring_system epss
scoring_elements 0.59458
published_at 2026-04-09T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.59445
published_at 2026-04-08T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59394
published_at 2026-04-07T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59428
published_at 2026-04-04T12:55:00Z
10
value 0.00379
scoring_system epss
scoring_elements 0.59331
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23445
2
reference_url https://cdn.datatables.net/1.11.3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cdn.datatables.net/1.11.3
3
reference_url https://cdn.datatables.net/1.11.3/
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://cdn.datatables.net/1.11.3/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23445
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23445
5
reference_url https://github.com/DataTables/Dist-DataTables
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DataTables/Dist-DataTables
6
reference_url https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00018.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00018.html
8
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
9
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371
10
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376
11
reference_url https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2257732
reference_id 2257732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2257732
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995229
reference_id 995229
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995229
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23445
reference_id CVE-2021-23445
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-23445
15
reference_url https://github.com/advisories/GHSA-h73q-5wmj-q8pj
reference_id GHSA-h73q-5wmj-q8pj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h73q-5wmj-q8pj
fixed_packages
aliases CVE-2021-23445, GHSA-h73q-5wmj-q8pj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxnr-wjq5-e7aj
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-36.Final_redhat_00035.1%3Farch=el8eap