Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-sso7-keycloak@18.0.9-1.redhat_00001.1?arch=el9sso
Typerpm
Namespaceredhat
Namerh-sso7-keycloak
Version18.0.9-1.redhat_00001.1
Qualifiers
arch el9sso
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2cup-9gdn-yyhk
vulnerability_id VCID-2cup-9gdn-yyhk
summary 
jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46877.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46877.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-46877
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48562
published_at 2026-04-04T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48539
published_at 2026-04-02T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48504
published_at 2026-04-01T12:55:00Z
3
value 0.00293
scoring_system epss
scoring_elements 0.52692
published_at 2026-04-21T12:55:00Z
4
value 0.00293
scoring_system epss
scoring_elements 0.52599
published_at 2026-04-07T12:55:00Z
5
value 0.00293
scoring_system epss
scoring_elements 0.5265
published_at 2026-04-08T12:55:00Z
6
value 0.00293
scoring_system epss
scoring_elements 0.52645
published_at 2026-04-09T12:55:00Z
7
value 0.00293
scoring_system epss
scoring_elements 0.52695
published_at 2026-04-11T12:55:00Z
8
value 0.00293
scoring_system epss
scoring_elements 0.52679
published_at 2026-04-12T12:55:00Z
9
value 0.00293
scoring_system epss
scoring_elements 0.52663
published_at 2026-04-13T12:55:00Z
10
value 0.00293
scoring_system epss
scoring_elements 0.52701
published_at 2026-04-16T12:55:00Z
11
value 0.00293
scoring_system epss
scoring_elements 0.52709
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-46877
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46877
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46877
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/FasterXML/jackson-databind
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind
5
reference_url https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
6
reference_url https://github.com/FasterXML/jackson-databind/issues/3328
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T15:58:50Z/
url https://github.com/FasterXML/jackson-databind/issues/3328
7
reference_url https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6
8
reference_url https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.1
9
reference_url https://groups.google.com/g/jackson-user/c/OsBsirPM_Vw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T15:58:50Z/
url https://groups.google.com/g/jackson-user/c/OsBsirPM_Vw
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2185707
reference_id 2185707
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2185707
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-46877
reference_id CVE-2021-46877
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-46877
12
reference_url https://github.com/advisories/GHSA-3x8x-79m2-3w2w
reference_id GHSA-3x8x-79m2-3w2w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3x8x-79m2-3w2w
13
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
14
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
15
reference_url https://access.redhat.com/errata/RHSA-2023:3299
reference_id RHSA-2023:3299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3299
16
reference_url https://access.redhat.com/errata/RHSA-2023:3373
reference_id RHSA-2023:3373
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3373
17
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
18
reference_url https://access.redhat.com/errata/RHSA-2023:3815
reference_id RHSA-2023:3815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3815
19
reference_url https://access.redhat.com/errata/RHSA-2023:4627
reference_id RHSA-2023:4627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4627
20
reference_url https://access.redhat.com/errata/RHSA-2023:5147
reference_id RHSA-2023:5147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5147
fixed_packages
aliases CVE-2021-46877, GHSA-3x8x-79m2-3w2w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cup-9gdn-yyhk
1
url VCID-7yc7-e35f-8uhj
vulnerability_id VCID-7yc7-e35f-8uhj
summary 
Uncontrolled Resource Consumption
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:4505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4505
1
reference_url https://access.redhat.com/errata/RHSA-2023:4506
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4506
2
reference_url https://access.redhat.com/errata/RHSA-2023:4507
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4507
3
reference_url https://access.redhat.com/errata/RHSA-2023:4509
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4509
4
reference_url https://access.redhat.com/errata/RHSA-2023:4918
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4918
5
reference_url https://access.redhat.com/errata/RHSA-2023:4919
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4919
6
reference_url https://access.redhat.com/errata/RHSA-2023:4920
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4920
7
reference_url https://access.redhat.com/errata/RHSA-2023:4921
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4921
8
reference_url https://access.redhat.com/errata/RHSA-2023:4924
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:4924
9
reference_url https://access.redhat.com/errata/RHSA-2023:7247
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/errata/RHSA-2023:7247
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3223.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3223.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3223
reference_id
reference_type
scores
0
value 0.00879
scoring_system epss
scoring_elements 0.75383
published_at 2026-04-21T12:55:00Z
1
value 0.00879
scoring_system epss
scoring_elements 0.75296
published_at 2026-04-02T12:55:00Z
2
value 0.00879
scoring_system epss
scoring_elements 0.75328
published_at 2026-04-04T12:55:00Z
3
value 0.00879
scoring_system epss
scoring_elements 0.75305
published_at 2026-04-07T12:55:00Z
4
value 0.00879
scoring_system epss
scoring_elements 0.75348
published_at 2026-04-08T12:55:00Z
5
value 0.00879
scoring_system epss
scoring_elements 0.75358
published_at 2026-04-09T12:55:00Z
6
value 0.00879
scoring_system epss
scoring_elements 0.75379
published_at 2026-04-11T12:55:00Z
7
value 0.00879
scoring_system epss
scoring_elements 0.75357
published_at 2026-04-12T12:55:00Z
8
value 0.00879
scoring_system epss
scoring_elements 0.75346
published_at 2026-04-13T12:55:00Z
9
value 0.00879
scoring_system epss
scoring_elements 0.75386
published_at 2026-04-16T12:55:00Z
10
value 0.00879
scoring_system epss
scoring_elements 0.75392
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3223
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2209689
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2209689
13
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
14
reference_url https://security.netapp.com/advisory/ntap-20231027-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231027-0004
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054893
reference_id 1054893
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054893
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1
reference_id cpe:/a:redhat:integration:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_id cpe:/a:redhat:jboss_enterprise_brms_platform:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
reference_id cpe:/a:redhat:jboss_fuse:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
reference_id cpe:/a:redhat:openshift_application_runtimes:1.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
reference_id cpe:/a:redhat:openstack-optools:13
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:2
reference_id cpe:/a:redhat:quarkus:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:2
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.5
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6.5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.5
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2
reference_id cpe:/a:redhat:service_registry:2
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2
37
reference_url https://access.redhat.com/security/cve/CVE-2023-3223
reference_id CVE-2023-3223
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://access.redhat.com/security/cve/CVE-2023-3223
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3223
reference_id CVE-2023-3223
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3223
39
reference_url https://github.com/advisories/GHSA-65h2-wf7m-q2v8
reference_id GHSA-65h2-wf7m-q2v8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-65h2-wf7m-q2v8
40
reference_url https://security.netapp.com/advisory/ntap-20231027-0004/
reference_id ntap-20231027-0004
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:07:40Z/
url https://security.netapp.com/advisory/ntap-20231027-0004/
fixed_packages
aliases CVE-2023-3223, GHSA-65h2-wf7m-q2v8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7yc7-e35f-8uhj
2
url VCID-qq1f-3nsz-6kcz
vulnerability_id VCID-qq1f-3nsz-6kcz
summary 
Jettison vulnerable to infinite recursion
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1436.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1436.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1436
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07004
published_at 2026-04-02T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.08499
published_at 2026-04-11T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.08506
published_at 2026-04-09T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.08488
published_at 2026-04-08T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08415
published_at 2026-04-07T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08496
published_at 2026-04-04T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08466
published_at 2026-04-13T12:55:00Z
7
value 0.0003
scoring_system epss
scoring_elements 0.0848
published_at 2026-04-12T12:55:00Z
8
value 0.00097
scoring_system epss
scoring_elements 0.26724
published_at 2026-04-16T12:55:00Z
9
value 0.00097
scoring_system epss
scoring_elements 0.26696
published_at 2026-04-18T12:55:00Z
10
value 0.00097
scoring_system epss
scoring_elements 0.2666
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1436
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1436
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1436
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
5
reference_url https://github.com/jettison-json/jettison/issues/60
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/issues/60
6
reference_url https://github.com/jettison-json/jettison/pull/62
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/pull/62
7
reference_url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.4
8
reference_url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911
9
reference_url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T15:02:11Z/
url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033846
reference_id 1033846
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033846
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2182788
reference_id 2182788
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2182788
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1436
reference_id CVE-2023-1436
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1436
13
reference_url https://github.com/advisories/GHSA-q6g2-g7f3-rr83
reference_id GHSA-q6g2-g7f3-rr83
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6g2-g7f3-rr83
14
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
15
reference_url https://access.redhat.com/errata/RHSA-2023:3622
reference_id RHSA-2023:3622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3622
16
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
17
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
18
reference_url https://access.redhat.com/errata/RHSA-2023:3667
reference_id RHSA-2023:3667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3667
19
reference_url https://access.redhat.com/errata/RHSA-2023:7670
reference_id RHSA-2023:7670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7670
20
reference_url https://access.redhat.com/errata/RHSA-2024:1027
reference_id RHSA-2024:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1027
21
reference_url https://usn.ubuntu.com/6179-1/
reference_id USN-6179-1
reference_type
scores
url https://usn.ubuntu.com/6179-1/
fixed_packages
aliases CVE-2023-1436, GHSA-q6g2-g7f3-rr83
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qq1f-3nsz-6kcz
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.9-1.redhat_00001.1%3Farch=el9sso