Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso
Typerpm
Namespaceredhat
Namerh-sso7-keycloak
Version18.0.6-1.redhat_00001.1
Qualifiers
arch el7sso
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2xyb-g3n4-n3ca
vulnerability_id VCID-2xyb-g3n4-n3ca
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1274.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1274
reference_id
reference_type
scores
0
value 0.00842
scoring_system epss
scoring_elements 0.74741
published_at 2026-04-13T12:55:00Z
1
value 0.00842
scoring_system epss
scoring_elements 0.7475
published_at 2026-04-12T12:55:00Z
2
value 0.00842
scoring_system epss
scoring_elements 0.74771
published_at 2026-04-11T12:55:00Z
3
value 0.00861
scoring_system epss
scoring_elements 0.75036
published_at 2026-04-04T12:55:00Z
4
value 0.00861
scoring_system epss
scoring_elements 0.75012
published_at 2026-04-07T12:55:00Z
5
value 0.00861
scoring_system epss
scoring_elements 0.75057
published_at 2026-04-09T12:55:00Z
6
value 0.00861
scoring_system epss
scoring_elements 0.75046
published_at 2026-04-08T12:55:00Z
7
value 0.00861
scoring_system epss
scoring_elements 0.75004
published_at 2026-04-01T12:55:00Z
8
value 0.00861
scoring_system epss
scoring_elements 0.75007
published_at 2026-04-02T12:55:00Z
9
value 0.00978
scoring_system epss
scoring_elements 0.76766
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1274
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073157
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2073157
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9
5
reference_url https://github.com/keycloak/keycloak/pull/16764
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/16764
6
reference_url https://herolab.usd.de/security-advisories/usd-2021-0033
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://herolab.usd.de/security-advisories/usd-2021-0033
7
reference_url https://herolab.usd.de/security-advisories/usd-2021-0033/
reference_id
reference_type
scores
url https://herolab.usd.de/security-advisories/usd-2021-0033/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1274
reference_id CVE-2022-1274
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1274
9
reference_url https://github.com/advisories/GHSA-m4fv-gm5m-4725
reference_id GHSA-m4fv-gm5m-4725
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m4fv-gm5m-4725
10
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725
reference_id GHSA-m4fv-gm5m-4725
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725
fixed_packages
aliases CVE-2022-1274, GHSA-m4fv-gm5m-4725, GMS-2023-528
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xyb-g3n4-n3ca
1
url VCID-3s9f-prpy-hbcx
vulnerability_id VCID-3s9f-prpy-hbcx
summary 
Cross-site Scripting
The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
3
reference_url http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
4
reference_url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
5
reference_url https://access.redhat.com/errata/RHBA-2019:1570
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHBA-2019:1570
6
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:1456
7
reference_url https://access.redhat.com/errata/RHSA-2019:2587
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:2587
8
reference_url https://access.redhat.com/errata/RHSA-2019:3023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:3023
9
reference_url https://access.redhat.com/errata/RHSA-2019:3024
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:3024
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11358
reference_id
reference_type
scores
0
value 0.01856
scoring_system epss
scoring_elements 0.83012
published_at 2026-04-08T12:55:00Z
1
value 0.01856
scoring_system epss
scoring_elements 0.8299
published_at 2026-04-04T12:55:00Z
2
value 0.01856
scoring_system epss
scoring_elements 0.82988
published_at 2026-04-07T12:55:00Z
3
value 0.01856
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-09T12:55:00Z
4
value 0.01856
scoring_system epss
scoring_elements 0.83035
published_at 2026-04-11T12:55:00Z
5
value 0.01856
scoring_system epss
scoring_elements 0.83028
published_at 2026-04-12T12:55:00Z
6
value 0.01856
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-13T12:55:00Z
7
value 0.02646
scoring_system epss
scoring_elements 0.85754
published_at 2026-04-16T12:55:00Z
8
value 0.02717
scoring_system epss
scoring_elements 0.85871
published_at 2026-04-02T12:55:00Z
9
value 0.02717
scoring_system epss
scoring_elements 0.8586
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11358
12
reference_url https://backdropcms.org/security/backdrop-sa-core-2019-009
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://backdropcms.org/security/backdrop-sa-core-2019-009
13
reference_url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
14
reference_url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474
25
reference_url http://seclists.org/fulldisclosure/2019/May/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/10
26
reference_url http://seclists.org/fulldisclosure/2019/May/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/11
27
reference_url http://seclists.org/fulldisclosure/2019/May/13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/13
28
reference_url https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f
29
reference_url https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829
30
reference_url https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad
31
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
32
reference_url https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
33
reference_url https://github.com/jquery/jquery/pull/4333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://github.com/jquery/jquery/pull/4333
34
reference_url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
35
reference_url https://github.com/maximebf/php-debugbar/issues/447
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/issues/447
36
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
37
reference_url https://hackerone.com/reports/454365
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements
url https://hackerone.com/reports/454365
38
reference_url https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
39
reference_url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
55
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
58
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
59
reference_url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
60
reference_url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E
63
reference_url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
64
reference_url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E
65
reference_url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
66
reference_url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E
67
reference_url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
68
reference_url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E
69
reference_url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
70
reference_url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E
71
reference_url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
72
reference_url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E
73
reference_url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
74
reference_url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E
75
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
76
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
77
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
78
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
79
reference_url https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
80
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
85
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
86
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
87
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
88
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
89
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
90
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
91
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
93
reference_url https://seclists.org/bugtraq/2019/Apr/32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/Apr/32
94
reference_url https://seclists.org/bugtraq/2019/Jun/12
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/Jun/12
95
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/May/18
96
reference_url https://security.netapp.com/advisory/ntap-20190919-0001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190919-0001
97
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226
98
reference_url https://snyk.io/vuln/SNYK-JS-JQUERY-174006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://snyk.io/vuln/SNYK-JS-JQUERY-174006
99
reference_url https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1
100
reference_url https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023
101
reference_url https://www.debian.org/security/2019/dsa-4434
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.debian.org/security/2019/dsa-4434
102
reference_url https://www.debian.org/security/2019/dsa-4460
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.debian.org/security/2019/dsa-4460
103
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
104
reference_url https://www.drupal.org/sa-core-2019-006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.drupal.org/sa-core-2019-006
105
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
106
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
107
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
108
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
109
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
110
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
111
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com//security-alerts/cpujul2021.html
112
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
113
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
114
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
115
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
116
reference_url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery
117
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.synology.com/security/advisory/Synology_SA_19_19
118
reference_url https://www.tenable.com/security/tns-2019-08
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.tenable.com/security/tns-2019-08
119
reference_url https://www.tenable.com/security/tns-2020-02
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.tenable.com/security/tns-2020-02
120
reference_url http://www.openwall.com/lists/oss-security/2019/06/03/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://www.openwall.com/lists/oss-security/2019/06/03/2
121
reference_url http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://www.securityfocus.com/bid/108023
122
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1701972
reference_id 1701972
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1701972
123
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
reference_id 496
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
124
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/
reference_id 4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/
125
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/
reference_id 5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/
126
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466
reference_id 927466
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466
127
reference_url https://security.archlinux.org/ASA-201906-2
reference_id ASA-201906-2
reference_type
scores
url https://security.archlinux.org/ASA-201906-2
128
reference_url https://security.archlinux.org/AVG-969
reference_id AVG-969
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-969
129
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11358
reference_id CVE-2019-11358
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11358
130
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml
reference_id CVE-2019-11358.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml
131
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt
reference_id CVE-2020-7656;CVE-2019-11358
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt
132
reference_url https://github.com/advisories/GHSA-6c3j-c64m-qhgq
reference_id GHSA-6c3j-c64m-qhgq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6c3j-c64m-qhgq
133
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/
reference_id KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/
134
reference_url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/
reference_id mitigating-cve-2019-11358-in-old-versions-of-jquery
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/
135
reference_url https://security.netapp.com/advisory/ntap-20190919-0001/
reference_id ntap-20190919-0001
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://security.netapp.com/advisory/ntap-20190919-0001/
136
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/
reference_id QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/
137
reference_url https://access.redhat.com/errata/RHSA-2020:1325
reference_id RHSA-2020:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1325
138
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
139
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
140
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
141
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
142
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
143
reference_url https://access.redhat.com/errata/RHSA-2020:5581
reference_id RHSA-2020:5581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5581
144
reference_url https://access.redhat.com/errata/RHSA-2021:4142
reference_id RHSA-2021:4142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4142
145
reference_url https://access.redhat.com/errata/RHSA-2022:7343
reference_id RHSA-2022:7343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7343
146
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
147
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
148
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
149
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
150
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/
reference_id RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/
151
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
152
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/
reference_id WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/
fixed_packages
aliases CVE-2019-11358, GHSA-6c3j-c64m-qhgq
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3s9f-prpy-hbcx
2
url VCID-4nu3-fknt-puej
vulnerability_id VCID-4nu3-fknt-puej
summary 
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38750.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38750
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.36272
published_at 2026-04-16T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.36228
published_at 2026-04-13T12:55:00Z
2
value 0.00155
scoring_system epss
scoring_elements 0.36253
published_at 2026-04-12T12:55:00Z
3
value 0.00155
scoring_system epss
scoring_elements 0.36289
published_at 2026-04-11T12:55:00Z
4
value 0.00155
scoring_system epss
scoring_elements 0.36284
published_at 2026-04-09T12:55:00Z
5
value 0.00155
scoring_system epss
scoring_elements 0.36266
published_at 2026-04-08T12:55:00Z
6
value 0.00155
scoring_system epss
scoring_elements 0.36216
published_at 2026-04-07T12:55:00Z
7
value 0.00155
scoring_system epss
scoring_elements 0.36382
published_at 2026-04-04T12:55:00Z
8
value 0.00155
scoring_system epss
scoring_elements 0.36349
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38750
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T18:43:03Z/
url https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027
4
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T18:43:03Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38750
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T18:43:03Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-38750
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-38750
9
reference_url https://security.gentoo.org/glsa/202305-28
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T18:43:03Z/
url https://security.gentoo.org/glsa/202305-28
10
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2129707
reference_id 2129707
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2129707
12
reference_url https://github.com/advisories/GHSA-hhhw-99gj-p3c3
reference_id GHSA-hhhw-99gj-p3c3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hhhw-99gj-p3c3
13
reference_url https://security.netapp.com/advisory/ntap-20240315-0010/
reference_id ntap-20240315-0010
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T18:43:03Z/
url https://security.netapp.com/advisory/ntap-20240315-0010/
14
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
15
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
16
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
17
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
18
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
19
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
20
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-38750, GHSA-hhhw-99gj-p3c3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4nu3-fknt-puej
3
url VCID-4v1f-kt5y-w7d1
vulnerability_id VCID-4v1f-kt5y-w7d1
summary Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2764.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2764
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57338
published_at 2026-04-04T12:55:00Z
1
value 0.00348
scoring_system epss
scoring_elements 0.57314
published_at 2026-04-07T12:55:00Z
2
value 0.00348
scoring_system epss
scoring_elements 0.57366
published_at 2026-04-08T12:55:00Z
3
value 0.00348
scoring_system epss
scoring_elements 0.57368
published_at 2026-04-16T12:55:00Z
4
value 0.00348
scoring_system epss
scoring_elements 0.57383
published_at 2026-04-11T12:55:00Z
5
value 0.00348
scoring_system epss
scoring_elements 0.57363
published_at 2026-04-12T12:55:00Z
6
value 0.00348
scoring_system epss
scoring_elements 0.57342
published_at 2026-04-13T12:55:00Z
7
value 0.00521
scoring_system epss
scoring_elements 0.66803
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2764
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2117506
reference_id 2117506
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2117506
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2764
reference_id CVE-2022-2764
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2764
4
reference_url https://access.redhat.com/errata/RHSA-2022:8790
reference_id RHSA-2022:8790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8790
5
reference_url https://access.redhat.com/errata/RHSA-2022:8791
reference_id RHSA-2022:8791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8791
6
reference_url https://access.redhat.com/errata/RHSA-2022:8792
reference_id RHSA-2022:8792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8792
7
reference_url https://access.redhat.com/errata/RHSA-2022:8793
reference_id RHSA-2022:8793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8793
fixed_packages
aliases CVE-2022-2764
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4v1f-kt5y-w7d1
4
url VCID-5618-53yg-8qh4
vulnerability_id VCID-5618-53yg-8qh4
summary 
Potential XSS vulnerability in jQuery
### Impact
Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.

### Patches
This problem is patched in jQuery 3.5.0.

### Workarounds
To workaround the issue without upgrading, adding the following to your code:

```js
jQuery.htmlPrefilter = function( html ) {
	return html;
};
```

You need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.

### References
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://jquery.com/upgrade-guide/3.5/

### For more information
If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
3
reference_url http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11022
reference_id
reference_type
scores
0
value 0.02136
scoring_system epss
scoring_elements 0.84179
published_at 2026-04-08T12:55:00Z
1
value 0.02136
scoring_system epss
scoring_elements 0.84203
published_at 2026-04-11T12:55:00Z
2
value 0.02136
scoring_system epss
scoring_elements 0.84185
published_at 2026-04-09T12:55:00Z
3
value 0.02136
scoring_system epss
scoring_elements 0.84157
published_at 2026-04-07T12:55:00Z
4
value 0.02136
scoring_system epss
scoring_elements 0.84194
published_at 2026-04-13T12:55:00Z
5
value 0.02136
scoring_system epss
scoring_elements 0.84198
published_at 2026-04-12T12:55:00Z
6
value 0.02136
scoring_system epss
scoring_elements 0.84155
published_at 2026-04-04T12:55:00Z
7
value 0.03251
scoring_system epss
scoring_elements 0.87068
published_at 2026-04-01T12:55:00Z
8
value 0.03251
scoring_system epss
scoring_elements 0.87079
published_at 2026-04-02T12:55:00Z
9
value 0.03538
scoring_system epss
scoring_elements 0.87688
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11022
6
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
7
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
reference_id
reference_type
scores
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
11
reference_url http://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.netapp.com/advisory/ntap-20200511-0006
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/advisories/GHSA-gxr4-xjj5-5px2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gxr4-xjj5-5px2
14
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
15
reference_url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
16
reference_url https://github.com/jquery/jquery/releases/tag/3.5.0
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/releases/tag/3.5.0
17
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3
scoring_elements
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
18
reference_url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
19
reference_url https://github.com/maximebf/php-debugbar/issues/447
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/issues/447
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml
21
reference_url https://jquery.com/upgrade-guide/3.5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jquery.com/upgrade-guide/3.5
22
reference_url https://jquery.com/upgrade-guide/3.5/
reference_id
reference_type
scores
url https://jquery.com/upgrade-guide/3.5/
23
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
34
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
35
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W
41
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
42
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
43
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11022
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11022
45
reference_url https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
46
reference_url https://security.gentoo.org/glsa/202007-03
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202007-03
47
reference_url https://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200511-0006
48
reference_url https://www.debian.org/security/2020/dsa-4693
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4693
49
reference_url https://www.drupal.org/sa-core-2020-002
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-002
50
reference_url https://www.npmjs.com/advisories/1518
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1518
51
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
52
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
53
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
54
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
55
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
56
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
57
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
58
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
59
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
60
reference_url https://www.tenable.com/security/tns-2020-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2020-10
61
reference_url https://www.tenable.com/security/tns-2020-11
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2020-11
62
reference_url https://www.tenable.com/security/tns-2021-02
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-02
63
reference_url https://www.tenable.com/security/tns-2021-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-10
64
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1828406
reference_id 1828406
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1828406
65
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt
reference_id CVE-2020-11022
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt
66
reference_url https://access.redhat.com/errata/RHSA-2020:2217
reference_id RHSA-2020:2217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2217
67
reference_url https://access.redhat.com/errata/RHSA-2020:2362
reference_id RHSA-2020:2362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2362
68
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
69
reference_url https://access.redhat.com/errata/RHSA-2020:2813
reference_id RHSA-2020:2813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2813
70
reference_url https://access.redhat.com/errata/RHSA-2020:3247
reference_id RHSA-2020:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3247
71
reference_url https://access.redhat.com/errata/RHSA-2020:3807
reference_id RHSA-2020:3807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3807
72
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
73
reference_url https://access.redhat.com/errata/RHSA-2020:4211
reference_id RHSA-2020:4211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4211
74
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
75
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
76
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
77
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
78
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
79
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
80
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
81
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
82
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
83
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
84
reference_url https://usn.ubuntu.com/7246-1/
reference_id USN-7246-1
reference_type
scores
url https://usn.ubuntu.com/7246-1/
85
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
86
reference_url https://usn.ubuntu.com/7658-1/
reference_id USN-7658-1
reference_type
scores
url https://usn.ubuntu.com/7658-1/
fixed_packages
aliases CVE-2020-11022, GHSA-gxr4-xjj5-5px2
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5618-53yg-8qh4
5
url VCID-6354-p39b-zbhp
vulnerability_id VCID-6354-p39b-zbhp
summary 
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38749.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38749.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38749
reference_id
reference_type
scores
0
value 0.00533
scoring_system epss
scoring_elements 0.67415
published_at 2026-04-16T12:55:00Z
1
value 0.00533
scoring_system epss
scoring_elements 0.6738
published_at 2026-04-13T12:55:00Z
2
value 0.00533
scoring_system epss
scoring_elements 0.67414
published_at 2026-04-12T12:55:00Z
3
value 0.00533
scoring_system epss
scoring_elements 0.67426
published_at 2026-04-11T12:55:00Z
4
value 0.00533
scoring_system epss
scoring_elements 0.67392
published_at 2026-04-08T12:55:00Z
5
value 0.00533
scoring_system epss
scoring_elements 0.67364
published_at 2026-04-04T12:55:00Z
6
value 0.00533
scoring_system epss
scoring_elements 0.67341
published_at 2026-04-07T12:55:00Z
7
value 0.00533
scoring_system epss
scoring_elements 0.67406
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38749
2
reference_url https://arxiv.org/pdf/2306.05534.pdf
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arxiv.org/pdf/2306.05534.pdf
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml
4
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open
5
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38749
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38749
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-38749
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-38749
10
reference_url https://security.gentoo.org/glsa/202305-28
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202305-28
11
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2129706
reference_id 2129706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2129706
13
reference_url https://github.com/advisories/GHSA-c4r9-r8fh-9vj2
reference_id GHSA-c4r9-r8fh-9vj2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4r9-r8fh-9vj2
14
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
15
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
16
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
17
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
18
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
19
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
20
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
21
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
22
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-38749, GHSA-c4r9-r8fh-9vj2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6354-p39b-zbhp
6
url VCID-7j7q-m1zp-zfac
vulnerability_id VCID-7j7q-m1zp-zfac
summary 
Keycloak has lack of validation of access token on client registrations endpoint
When a service account with the create-client or manage-clients role can use the client-registration endpoints to create/manage clients with an access token.

If the access token is leaked, there is an option to revoke the specific token. However, the check is not performed in client-registration endpoints.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0091.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0091.json
1
reference_url https://access.redhat.com/security/cve/CVE-2023-0091
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:08:50Z/
url https://access.redhat.com/security/cve/CVE-2023-0091
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0091
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.28325
published_at 2026-04-16T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28469
published_at 2026-04-02T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28511
published_at 2026-04-04T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.28302
published_at 2026-04-07T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.28367
published_at 2026-04-08T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.28411
published_at 2026-04-09T12:55:00Z
6
value 0.00104
scoring_system epss
scoring_elements 0.28414
published_at 2026-04-11T12:55:00Z
7
value 0.00104
scoring_system epss
scoring_elements 0.28371
published_at 2026-04-12T12:55:00Z
8
value 0.00104
scoring_system epss
scoring_elements 0.28313
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0091
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0091
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0091
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2158585
reference_id 2158585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2158585
7
reference_url https://github.com/advisories/GHSA-v436-q368-hvgg
reference_id GHSA-v436-q368-hvgg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v436-q368-hvgg
fixed_packages
aliases CVE-2023-0091, GHSA-v436-q368-hvgg, GMS-2023-37
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7j7q-m1zp-zfac
7
url VCID-9h46-72hw-bkcr
vulnerability_id VCID-9h46-72hw-bkcr
summary Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42003.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42003.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42003
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.54935
published_at 2026-04-16T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.54897
published_at 2026-04-13T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.5492
published_at 2026-04-12T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54939
published_at 2026-04-11T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.54926
published_at 2026-04-09T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.54928
published_at 2026-04-08T12:55:00Z
6
value 0.00319
scoring_system epss
scoring_elements 0.54883
published_at 2026-04-02T12:55:00Z
7
value 0.00319
scoring_system epss
scoring_elements 0.54909
published_at 2026-04-04T12:55:00Z
8
value 0.00319
scoring_system epss
scoring_elements 0.54878
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42003
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/FasterXML/jackson-databind
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind
8
reference_url https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x
9
reference_url https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1
10
reference_url https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288
11
reference_url https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc
12
reference_url https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
13
reference_url https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45
14
reference_url https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
15
reference_url https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174&branch=jackson-databind-2.4.0-rc1&qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174&branch=jackson-databind-2.4.0-rc1&qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1
16
reference_url https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2
17
reference_url https://github.com/FasterXML/jackson-databind/issues/3590
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/issues/3590
18
reference_url https://github.com/FasterXML/jackson-databind/issues/3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/issues/3627
19
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42003
21
reference_url https://security.netapp.com/advisory/ntap-20221124-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221124-0004
22
reference_url https://www.debian.org/security/2022/dsa-5283
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5283
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135244
reference_id 2135244
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135244
24
reference_url https://github.com/advisories/GHSA-jjjh-jjxp-wpff
reference_id GHSA-jjjh-jjxp-wpff
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjjh-jjxp-wpff
25
reference_url https://security.gentoo.org/glsa/202210-21
reference_id GLSA-202210-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202210-21
26
reference_url https://access.redhat.com/errata/RHSA-2022:7435
reference_id RHSA-2022:7435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7435
27
reference_url https://access.redhat.com/errata/RHSA-2022:8781
reference_id RHSA-2022:8781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8781
28
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
29
reference_url https://access.redhat.com/errata/RHSA-2022:8889
reference_id RHSA-2022:8889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8889
30
reference_url https://access.redhat.com/errata/RHSA-2022:9023
reference_id RHSA-2022:9023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9023
31
reference_url https://access.redhat.com/errata/RHSA-2022:9032
reference_id RHSA-2022:9032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9032
32
reference_url https://access.redhat.com/errata/RHSA-2023:0189
reference_id RHSA-2023:0189
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0189
33
reference_url https://access.redhat.com/errata/RHSA-2023:0261
reference_id RHSA-2023:0261
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0261
34
reference_url https://access.redhat.com/errata/RHSA-2023:0264
reference_id RHSA-2023:0264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0264
35
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
36
reference_url https://access.redhat.com/errata/RHSA-2023:0471
reference_id RHSA-2023:0471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0471
37
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
38
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
39
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
40
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
41
reference_url https://access.redhat.com/errata/RHSA-2023:0713
reference_id RHSA-2023:0713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0713
42
reference_url https://access.redhat.com/errata/RHSA-2023:1006
reference_id RHSA-2023:1006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1006
43
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
44
reference_url https://access.redhat.com/errata/RHSA-2023:1151
reference_id RHSA-2023:1151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1151
45
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
46
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
47
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
48
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
49
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
50
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
51
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-42003, GHSA-jjjh-jjxp-wpff
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9h46-72hw-bkcr
8
url VCID-cvxp-ctj9-guej
vulnerability_id VCID-cvxp-ctj9-guej
summary 
Potential XSS vulnerability in jQuery
### Impact
Passing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.

### Patches
This problem is patched in jQuery 3.5.0.

### Workarounds
To workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.

### References
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

### For more information
If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
3
reference_url http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11023
reference_id
reference_type
scores
0
value 0.36278
scoring_system epss
scoring_elements 0.97107
published_at 2026-04-13T12:55:00Z
1
value 0.36278
scoring_system epss
scoring_elements 0.97106
published_at 2026-04-12T12:55:00Z
2
value 0.36278
scoring_system epss
scoring_elements 0.97105
published_at 2026-04-11T12:55:00Z
3
value 0.36278
scoring_system epss
scoring_elements 0.97101
published_at 2026-04-09T12:55:00Z
4
value 0.36278
scoring_system epss
scoring_elements 0.97091
published_at 2026-04-07T12:55:00Z
5
value 0.36278
scoring_system epss
scoring_elements 0.9709
published_at 2026-04-04T12:55:00Z
6
value 0.36851
scoring_system epss
scoring_elements 0.97125
published_at 2026-04-02T12:55:00Z
7
value 0.36851
scoring_system epss
scoring_elements 0.97117
published_at 2026-04-01T12:55:00Z
8
value 0.42137
scoring_system epss
scoring_elements 0.9745
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11023
6
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3
scoring_elements
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37
12
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
13
reference_url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
14
reference_url https://github.com/jquery/jquery/releases/tag/3.5.0
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/releases/tag/3.5.0
15
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
16
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410
17
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
18
reference_url https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979
19
reference_url https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml
21
reference_url https://jquery.com/upgrade-guide/3.5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jquery.com/upgrade-guide/3.5
22
reference_url https://jquery.com/upgrade-guide/3.5/
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://jquery.com/upgrade-guide/3.5/
23
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
55
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
58
reference_url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E
59
reference_url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
60
reference_url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E
63
reference_url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
64
reference_url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E
65
reference_url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
66
reference_url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E
67
reference_url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
68
reference_url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E
69
reference_url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
70
reference_url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E
71
reference_url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
72
reference_url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E
73
reference_url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
74
reference_url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E
75
reference_url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
76
reference_url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E
77
reference_url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
78
reference_url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E
79
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
80
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
81
reference_url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
82
reference_url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E
83
reference_url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
84
reference_url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E
85
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
86
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
87
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
88
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
89
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
90
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
91
reference_url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
92
reference_url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E
93
reference_url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
94
reference_url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E
95
reference_url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
96
reference_url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E
97
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
98
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
99
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
100
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
101
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
102
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
103
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
106
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
107
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11023
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11023
108
reference_url https://security.gentoo.org/glsa/202007-03
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://security.gentoo.org/glsa/202007-03
109
reference_url https://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200511-0006
110
reference_url https://security.netapp.com/advisory/ntap-20230725-0003
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230725-0003
111
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440
112
reference_url https://snyk.io/vuln/SNYK-JS-JQUERY-565129
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-JQUERY-565129
113
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023
114
reference_url https://www.debian.org/security/2020/dsa-4693
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.debian.org/security/2020/dsa-4693
115
reference_url https://www.drupal.org/sa-core-2020-002
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.drupal.org/sa-core-2020-002
116
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
117
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
118
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
119
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
120
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
121
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com//security-alerts/cpujul2021.html
122
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
123
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
124
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
125
reference_url https://www.tenable.com/security/tns-2021-02
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.tenable.com/security/tns-2021-02
126
reference_url https://www.tenable.com/security/tns-2021-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.tenable.com/security/tns-2021-10
127
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850004
reference_id 1850004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850004
128
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
reference_id AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
129
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt
reference_id CVE-2020-11023
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt
130
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml
reference_id CVE-2020-23064.YML
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml
131
reference_url https://security.netapp.com/advisory/ntap-20200511-0006/
reference_id ntap-20200511-0006
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://security.netapp.com/advisory/ntap-20200511-0006/
132
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
reference_id QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
133
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
134
reference_url https://access.redhat.com/errata/RHSA-2020:2813
reference_id RHSA-2020:2813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2813
135
reference_url https://access.redhat.com/errata/RHSA-2020:3247
reference_id RHSA-2020:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3247
136
reference_url https://access.redhat.com/errata/RHSA-2020:3369
reference_id RHSA-2020:3369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3369
137
reference_url https://access.redhat.com/errata/RHSA-2020:3807
reference_id RHSA-2020:3807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3807
138
reference_url https://access.redhat.com/errata/RHSA-2020:4211
reference_id RHSA-2020:4211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4211
139
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
140
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
141
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
142
reference_url https://access.redhat.com/errata/RHSA-2020:5412
reference_id RHSA-2020:5412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5412
143
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
144
reference_url https://access.redhat.com/errata/RHSA-2021:0851
reference_id RHSA-2021:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0851
145
reference_url https://access.redhat.com/errata/RHSA-2021:0860
reference_id RHSA-2021:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0860
146
reference_url https://access.redhat.com/errata/RHSA-2021:1846
reference_id RHSA-2021:1846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1846
147
reference_url https://access.redhat.com/errata/RHSA-2021:4142
reference_id RHSA-2021:4142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4142
148
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
149
reference_url https://access.redhat.com/errata/RHSA-2022:7343
reference_id RHSA-2022:7343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7343
150
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
151
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
152
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
153
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
154
reference_url https://access.redhat.com/errata/RHSA-2025:1070
reference_id RHSA-2025:1070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1070
155
reference_url https://access.redhat.com/errata/RHSA-2025:1185
reference_id RHSA-2025:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1185
156
reference_url https://access.redhat.com/errata/RHSA-2025:1209
reference_id RHSA-2025:1209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1209
157
reference_url https://access.redhat.com/errata/RHSA-2025:1210
reference_id RHSA-2025:1210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1210
158
reference_url https://access.redhat.com/errata/RHSA-2025:1211
reference_id RHSA-2025:1211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1211
159
reference_url https://access.redhat.com/errata/RHSA-2025:1212
reference_id RHSA-2025:1212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1212
160
reference_url https://access.redhat.com/errata/RHSA-2025:1213
reference_id RHSA-2025:1213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1213
161
reference_url https://access.redhat.com/errata/RHSA-2025:1214
reference_id RHSA-2025:1214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1214
162
reference_url https://access.redhat.com/errata/RHSA-2025:1215
reference_id RHSA-2025:1215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1215
163
reference_url https://access.redhat.com/errata/RHSA-2025:1216
reference_id RHSA-2025:1216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1216
164
reference_url https://access.redhat.com/errata/RHSA-2025:1217
reference_id RHSA-2025:1217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1217
165
reference_url https://access.redhat.com/errata/RHSA-2025:1247
reference_id RHSA-2025:1247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1247
166
reference_url https://access.redhat.com/errata/RHSA-2025:1255
reference_id RHSA-2025:1255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1255
167
reference_url https://access.redhat.com/errata/RHSA-2025:1256
reference_id RHSA-2025:1256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1256
168
reference_url https://access.redhat.com/errata/RHSA-2025:1300
reference_id RHSA-2025:1300
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1300
169
reference_url https://access.redhat.com/errata/RHSA-2025:1301
reference_id RHSA-2025:1301
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1301
170
reference_url https://access.redhat.com/errata/RHSA-2025:1303
reference_id RHSA-2025:1303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1303
171
reference_url https://access.redhat.com/errata/RHSA-2025:1304
reference_id RHSA-2025:1304
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1304
172
reference_url https://access.redhat.com/errata/RHSA-2025:1305
reference_id RHSA-2025:1305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1305
173
reference_url https://access.redhat.com/errata/RHSA-2025:1306
reference_id RHSA-2025:1306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1306
174
reference_url https://access.redhat.com/errata/RHSA-2025:1308
reference_id RHSA-2025:1308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1308
175
reference_url https://access.redhat.com/errata/RHSA-2025:1309
reference_id RHSA-2025:1309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1309
176
reference_url https://access.redhat.com/errata/RHSA-2025:1310
reference_id RHSA-2025:1310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1310
177
reference_url https://access.redhat.com/errata/RHSA-2025:1311
reference_id RHSA-2025:1311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1311
178
reference_url https://access.redhat.com/errata/RHSA-2025:1312
reference_id RHSA-2025:1312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1312
179
reference_url https://access.redhat.com/errata/RHSA-2025:1314
reference_id RHSA-2025:1314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1314
180
reference_url https://access.redhat.com/errata/RHSA-2025:1315
reference_id RHSA-2025:1315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1315
181
reference_url https://access.redhat.com/errata/RHSA-2025:1329
reference_id RHSA-2025:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1329
182
reference_url https://access.redhat.com/errata/RHSA-2025:1338
reference_id RHSA-2025:1338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1338
183
reference_url https://access.redhat.com/errata/RHSA-2025:1342
reference_id RHSA-2025:1342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1342
184
reference_url https://access.redhat.com/errata/RHSA-2025:1346
reference_id RHSA-2025:1346
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1346
185
reference_url https://access.redhat.com/errata/RHSA-2025:1514
reference_id RHSA-2025:1514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1514
186
reference_url https://access.redhat.com/errata/RHSA-2025:1515
reference_id RHSA-2025:1515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1515
187
reference_url https://access.redhat.com/errata/RHSA-2025:1580
reference_id RHSA-2025:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1580
188
reference_url https://access.redhat.com/errata/RHSA-2025:1601
reference_id RHSA-2025:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1601
189
reference_url https://access.redhat.com/errata/RHSA-2025:1983
reference_id RHSA-2025:1983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1983
190
reference_url https://access.redhat.com/errata/RHSA-2025:2426
reference_id RHSA-2025:2426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2426
191
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
reference_id SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
192
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
reference_id SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
193
reference_url https://usn.ubuntu.com/7246-1/
reference_id USN-7246-1
reference_type
scores
url https://usn.ubuntu.com/7246-1/
194
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
195
reference_url https://usn.ubuntu.com/7658-1/
reference_id USN-7658-1
reference_type
scores
url https://usn.ubuntu.com/7658-1/
fixed_packages
aliases CVE-2020-11023, GHSA-jpcq-cgw6-v4j6
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvxp-ctj9-guej
9
url VCID-dmkc-42vj-gbhc
vulnerability_id VCID-dmkc-42vj-gbhc
summary 
SnakeYaml Constructor Deserialization Remote Code Execution
### Summary
SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows
any type be deserialized given the following line:

new Yaml(new Constructor(TestDataClass.class)).load(yamlContent);

Types do not have to match the types of properties in the
target class. A `ConstructorException` is thrown, but only after a malicious
payload is deserialized.

### Severity
High, lack of type checks during deserialization allows remote code execution.

### Proof of Concept
Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload
for RCE. RCE is demonstrated by using a payload which performs a http request to
http://127.0.0.1:8000.

Example output of successful run of proof of concept:

```
$ bash run.sh

[+] Downloading snakeyaml if needed
[+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE
nc: no process found
[+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server.
[+] An exception is expected.
Exception:
Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0
 in 'string', line 1, column 1:
    payload: !!javax.script.ScriptEn ... 
    ^
Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager
 in 'string', line 1, column 10:
    payload: !!javax.script.ScriptEngineManag ... 
             ^

	at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291)
	at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172)
	at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332)
	at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230)
	at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220)
	at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174)
	at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158)
	at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491)
	at org.yaml.snakeyaml.Yaml.load(Yaml.java:416)
	at Main.main(Main.java:37)
Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager
	at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167)
	at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171)
	at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81)
	at java.base/java.lang.reflect.Field.set(Field.java:780)
	at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44)
	at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286)
	... 9 more
[+] Dumping Received HTTP Request. Will not be empty if PoC worked
GET /proof-of-concept HTTP/1.1
User-Agent: Java/11.0.14
Host: localhost:8000
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive
```

### Further Analysis
Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content.

See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject.

### Timeline
**Date reported**: 4/11/2022
**Date fixed**:  [30/12/2022](https://bitbucket.org/snakeyaml/snakeyaml/pull-requests/44)
**Date disclosed**: 10/13/2022
references
0
reference_url http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1471
reference_id
reference_type
scores
0
value 0.93849
scoring_system epss
scoring_elements 0.99866
published_at 2026-04-12T12:55:00Z
1
value 0.93849
scoring_system epss
scoring_elements 0.99867
published_at 2026-04-13T12:55:00Z
2
value 0.93849
scoring_system epss
scoring_elements 0.99868
published_at 2026-04-16T12:55:00Z
3
value 0.93849
scoring_system epss
scoring_elements 0.99865
published_at 2026-04-02T12:55:00Z
4
value 0.93849
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1471
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml
4
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
5
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
6
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
7
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
8
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
9
reference_url https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
10
reference_url https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
14
reference_url https://github.com/mbechler/marshalsec
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://github.com/mbechler/marshalsec
15
reference_url https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
16
reference_url https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1471
18
reference_url https://security.netapp.com/advisory/ntap-20230818-0015
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230818-0015
19
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
20
reference_url https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
21
reference_url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
22
reference_url http://www.openwall.com/lists/oss-security/2023/11/19/1
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url http://www.openwall.com/lists/oss-security/2023/11/19/1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2150009
reference_id 2150009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2150009
24
reference_url https://github.com/advisories/GHSA-mjmj-j48q-9wg2
reference_id GHSA-mjmj-j48q-9wg2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mjmj-j48q-9wg2
25
reference_url https://security.netapp.com/advisory/ntap-20230818-0015/
reference_id ntap-20230818-0015
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://security.netapp.com/advisory/ntap-20230818-0015/
26
reference_url https://access.redhat.com/errata/RHSA-2022:9032
reference_id RHSA-2022:9032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9032
27
reference_url https://access.redhat.com/errata/RHSA-2022:9058
reference_id RHSA-2022:9058
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9058
28
reference_url https://access.redhat.com/errata/RHSA-2023:0697
reference_id RHSA-2023:0697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0697
29
reference_url https://access.redhat.com/errata/RHSA-2023:0758
reference_id RHSA-2023:0758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0758
30
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
31
reference_url https://access.redhat.com/errata/RHSA-2023:1006
reference_id RHSA-2023:1006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1006
32
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
33
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
34
reference_url https://access.redhat.com/errata/RHSA-2023:5165
reference_id RHSA-2023:5165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5165
35
reference_url https://access.redhat.com/errata/RHSA-2023:6171
reference_id RHSA-2023:6171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6171
36
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
37
reference_url https://access.redhat.com/errata/RHSA-2024:0325
reference_id RHSA-2024:0325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0325
38
reference_url https://access.redhat.com/errata/RHSA-2024:0775
reference_id RHSA-2024:0775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0775
39
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
40
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-1471, GHSA-mjmj-j48q-9wg2
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmkc-42vj-gbhc
10
url VCID-dxj3-8sk5-mfdy
vulnerability_id VCID-dxj3-8sk5-mfdy
summary 
Insufficient Session Expiration
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
references
0
reference_url https://access.redhat.com/errata/RHSA-2022:8961
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8961
1
reference_url https://access.redhat.com/errata/RHSA-2022:8962
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8962
2
reference_url https://access.redhat.com/errata/RHSA-2022:8963
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8963
3
reference_url https://access.redhat.com/errata/RHSA-2022:8964
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8964
4
reference_url https://access.redhat.com/errata/RHSA-2022:8965
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2022:8965
5
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1043
6
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1044
7
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1045
8
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1047
9
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/errata/RHSA-2023:1049
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3916.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3916
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45481
published_at 2026-04-16T12:55:00Z
1
value 0.00226
scoring_system epss
scoring_elements 0.45418
published_at 2026-04-02T12:55:00Z
2
value 0.00226
scoring_system epss
scoring_elements 0.45438
published_at 2026-04-04T12:55:00Z
3
value 0.00226
scoring_system epss
scoring_elements 0.45382
published_at 2026-04-07T12:55:00Z
4
value 0.00226
scoring_system epss
scoring_elements 0.45437
published_at 2026-04-09T12:55:00Z
5
value 0.00226
scoring_system epss
scoring_elements 0.45458
published_at 2026-04-11T12:55:00Z
6
value 0.00226
scoring_system epss
scoring_elements 0.45428
published_at 2026-04-12T12:55:00Z
7
value 0.00226
scoring_system epss
scoring_elements 0.4543
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3916
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141404
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2141404
13
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6.1
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
20
reference_url https://access.redhat.com/security/cve/CVE-2022-3916
reference_id CVE-2022-3916
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T20:08:01Z/
url https://access.redhat.com/security/cve/CVE-2022-3916
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3916
reference_id CVE-2022-3916
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3916
22
reference_url https://github.com/advisories/GHSA-97g8-xfvw-q4hg
reference_id GHSA-97g8-xfvw-q4hg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-97g8-xfvw-q4hg
23
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg
reference_id GHSA-97g8-xfvw-q4hg
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg
fixed_packages
aliases CVE-2022-3916, GHSA-97g8-xfvw-q4hg, GMS-2022-8406
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxj3-8sk5-mfdy
11
url VCID-ebn8-cjqs-k3ad
vulnerability_id VCID-ebn8-cjqs-k3ad
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:1043
1
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:1044
2
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:1045
3
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:1049
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4137.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4137.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4137
reference_id
reference_type
scores
0
value 0.00529
scoring_system epss
scoring_elements 0.67227
published_at 2026-04-16T12:55:00Z
1
value 0.00529
scoring_system epss
scoring_elements 0.67158
published_at 2026-04-07T12:55:00Z
2
value 0.00529
scoring_system epss
scoring_elements 0.67182
published_at 2026-04-04T12:55:00Z
3
value 0.00529
scoring_system epss
scoring_elements 0.67207
published_at 2026-04-08T12:55:00Z
4
value 0.00529
scoring_system epss
scoring_elements 0.6722
published_at 2026-04-09T12:55:00Z
5
value 0.00529
scoring_system epss
scoring_elements 0.6724
published_at 2026-04-11T12:55:00Z
6
value 0.00529
scoring_system epss
scoring_elements 0.67226
published_at 2026-04-12T12:55:00Z
7
value 0.00529
scoring_system epss
scoring_elements 0.67192
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4137
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2148496
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2148496
7
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
8
reference_url https://github.com/keycloak/keycloak/commit/30d0e9d22dae51392e5a3748a1c68c116667359a
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/30d0e9d22dae51392e5a3748a1c68c116667359a
9
reference_url https://github.com/keycloak/keycloak/pull/16774
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/pull/16774
10
reference_url https://access.redhat.com/security/cve/CVE-2022-4137
reference_id CVE-2022-4137
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2022-4137
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4137
reference_id CVE-2022-4137
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4137
12
reference_url https://github.com/advisories/GHSA-9hhc-pj4w-w5rv
reference_id GHSA-9hhc-pj4w-w5rv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9hhc-pj4w-w5rv
13
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-9hhc-pj4w-w5rv
reference_id GHSA-9hhc-pj4w-w5rv
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-9hhc-pj4w-w5rv
fixed_packages
aliases CVE-2022-4137, GHSA-9hhc-pj4w-w5rv, GMS-2023-616
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebn8-cjqs-k3ad
12
url VCID-gp47-t3vm-57an
vulnerability_id VCID-gp47-t3vm-57an
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/errata/RHSA-2023:1043
1
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/errata/RHSA-2023:1044
2
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/errata/RHSA-2023:1045
3
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/errata/RHSA-2023:1047
4
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/errata/RHSA-2023:1049
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1438.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1438.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1438
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37796
published_at 2026-04-16T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37645
published_at 2026-04-01T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37827
published_at 2026-04-02T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37853
published_at 2026-04-04T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.37731
published_at 2026-04-07T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37781
published_at 2026-04-08T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37794
published_at 2026-04-09T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37808
published_at 2026-04-11T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37773
published_at 2026-04-12T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37748
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1438
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2031904
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2031904
8
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
9
reference_url https://github.com/keycloak/keycloak/blob/48835576daa158443f69917ac309e1a7c951bc87/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java#L1045
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/blob/48835576daa158443f69917ac309e1a7c951bc87/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java#L1045
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
15
reference_url https://access.redhat.com/security/cve/cve-2022-1438
reference_id CVE-2022-1438
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2022-1438
16
reference_url https://access.redhat.com/security/cve/CVE-2022-1438
reference_id CVE-2022-1438
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T15:05:51Z/
url https://access.redhat.com/security/cve/CVE-2022-1438
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1438
reference_id CVE-2022-1438
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1438
18
reference_url https://github.com/advisories/GHSA-w354-2f3c-qvg9
reference_id GHSA-w354-2f3c-qvg9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w354-2f3c-qvg9
19
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-w354-2f3c-qvg9
reference_id GHSA-w354-2f3c-qvg9
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-w354-2f3c-qvg9
fixed_packages
aliases CVE-2022-1438, GHSA-w354-2f3c-qvg9, GMS-2023-529
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gp47-t3vm-57an
13
url VCID-hbwg-ebvx-k7e1
vulnerability_id VCID-hbwg-ebvx-k7e1
summary 
Cross-site Scripting
In Bootstrap, XSS is possible in the collapse data-parent attribute.
references
0
reference_url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
1
reference_url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14040.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14040.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14040
reference_id
reference_type
scores
0
value 0.01633
scoring_system epss
scoring_elements 0.81854
published_at 2026-04-02T12:55:00Z
1
value 0.01633
scoring_system epss
scoring_elements 0.81876
published_at 2026-04-04T12:55:00Z
2
value 0.01633
scoring_system epss
scoring_elements 0.81843
published_at 2026-04-01T12:55:00Z
3
value 0.01874
scoring_system epss
scoring_elements 0.83114
published_at 2026-04-09T12:55:00Z
4
value 0.01874
scoring_system epss
scoring_elements 0.8313
published_at 2026-04-11T12:55:00Z
5
value 0.01874
scoring_system epss
scoring_elements 0.83082
published_at 2026-04-07T12:55:00Z
6
value 0.01874
scoring_system epss
scoring_elements 0.83107
published_at 2026-04-08T12:55:00Z
7
value 0.02801
scoring_system epss
scoring_elements 0.8612
published_at 2026-04-12T12:55:00Z
8
value 0.02801
scoring_system epss
scoring_elements 0.86133
published_at 2026-04-16T12:55:00Z
9
value 0.02801
scoring_system epss
scoring_elements 0.86116
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14040
4
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
5
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040
7
reference_url http://seclists.org/fulldisclosure/2019/May/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/10
8
reference_url http://seclists.org/fulldisclosure/2019/May/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/11
9
reference_url http://seclists.org/fulldisclosure/2019/May/13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/13
10
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/collapse.js#L140
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/collapse.js#L140
11
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/scrollspy.js#L56
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/scrollspy.js#L56
12
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/tooltip.js#L352
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/tooltip.js#L352
13
reference_url https://github.com/twbs/bootstrap/commit/149096016f70fd815540d62c0989fd99cdc809e0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/commit/149096016f70fd815540d62c0989fd99cdc809e0
14
reference_url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
15
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26423
16
reference_url https://github.com/twbs/bootstrap/issues/26625
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26625
17
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/26630
18
reference_url https://github.com/twbs/bootstrap-rubygem/commit/f34c43c936ac7d0ebb129289321d8c51cd56aed1#diff-4e736e880b7fc39eb5e85576b629f6e3cd08f02f45104a7b4581f82852e97a81R1306
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap-rubygem/commit/f34c43c936ac7d0ebb129289321d8c51cd56aed1#diff-4e736e880b7fc39eb5e85576b629f6e3cd08f02f45104a7b4581f82852e97a81R1306
19
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
31
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00027.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/08/msg00027.html
32
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/18
33
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
34
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-14
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1601614
reference_id 1601614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1601614
36
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907414
reference_id 907414
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907414
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14040
reference_id CVE-2018-14040
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14040
49
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14040.yml
reference_id CVE-2018-14040.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14040.yml
50
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14040.yml
reference_id CVE-2018-14040.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14040.yml
51
reference_url https://github.com/advisories/GHSA-3wqf-4x89-9g79
reference_id GHSA-3wqf-4x89-9g79
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3wqf-4x89-9g79
52
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
53
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
54
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
55
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
56
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
57
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
58
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
fixed_packages
aliases CVE-2018-14040, GHSA-3wqf-4x89-9g79
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbwg-ebvx-k7e1
14
url VCID-kexn-gjxj-uudm
vulnerability_id VCID-kexn-gjxj-uudm
summary 
Path Traversal: 'dir/../../filename' in moment.locale
This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg `fr` is directly used to switch moment locale.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24785.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24785.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24785
reference_id
reference_type
scores
0
value 0.02256
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-16T12:55:00Z
1
value 0.02256
scoring_system epss
scoring_elements 0.84611
published_at 2026-04-11T12:55:00Z
2
value 0.02256
scoring_system epss
scoring_elements 0.84539
published_at 2026-04-02T12:55:00Z
3
value 0.02256
scoring_system epss
scoring_elements 0.8456
published_at 2026-04-04T12:55:00Z
4
value 0.02256
scoring_system epss
scoring_elements 0.84601
published_at 2026-04-13T12:55:00Z
5
value 0.02256
scoring_system epss
scoring_elements 0.84606
published_at 2026-04-12T12:55:00Z
6
value 0.02256
scoring_system epss
scoring_elements 0.84564
published_at 2026-04-07T12:55:00Z
7
value 0.02256
scoring_system epss
scoring_elements 0.84585
published_at 2026-04-08T12:55:00Z
8
value 0.02256
scoring_system epss
scoring_elements 0.84592
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24785
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moment/moment
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment
5
reference_url https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5
6
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
11
reference_url https://security.netapp.com/advisory/ntap-20220513-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220513-0006
12
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241108-0002
13
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://www.tenable.com/security/tns-2022-09
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009327
reference_id 1009327
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009327
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2072009
reference_id 2072009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2072009
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
reference_id 6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24785
reference_id CVE-2022-24785
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24785
18
reference_url https://github.com/advisories/GHSA-8hfj-j24r-96c4
reference_id GHSA-8hfj-j24r-96c4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8hfj-j24r-96c4
19
reference_url https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
reference_id GHSA-8hfj-j24r-96c4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
20
reference_url https://security.netapp.com/advisory/ntap-20220513-0006/
reference_id ntap-20220513-0006
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://security.netapp.com/advisory/ntap-20220513-0006/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
reference_id ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
22
reference_url https://access.redhat.com/errata/RHSA-2022:4918
reference_id RHSA-2022:4918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4918
23
reference_url https://access.redhat.com/errata/RHSA-2022:4919
reference_id RHSA-2022:4919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4919
24
reference_url https://access.redhat.com/errata/RHSA-2022:4922
reference_id RHSA-2022:4922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4922
25
reference_url https://access.redhat.com/errata/RHSA-2022:5006
reference_id RHSA-2022:5006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5006
26
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
27
reference_url https://access.redhat.com/errata/RHSA-2022:6272
reference_id RHSA-2022:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6272
28
reference_url https://access.redhat.com/errata/RHSA-2022:6277
reference_id RHSA-2022:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6277
29
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
30
reference_url https://access.redhat.com/errata/RHSA-2023:0076
reference_id RHSA-2023:0076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0076
31
reference_url https://access.redhat.com/errata/RHSA-2023:3642
reference_id RHSA-2023:3642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3642
32
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
33
reference_url https://usn.ubuntu.com/5559-1/
reference_id USN-5559-1
reference_type
scores
url https://usn.ubuntu.com/5559-1/
fixed_packages
aliases CVE-2022-24785, GHSA-8hfj-j24r-96c4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kexn-gjxj-uudm
15
url VCID-mm3e-4pej-byed
vulnerability_id VCID-mm3e-4pej-byed
summary 
Uncontrolled Resource Consumption in snakeyaml
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
reference_id
reference_type
scores
0
value 0.00869
scoring_system epss
scoring_elements 0.7521
published_at 2026-04-16T12:55:00Z
1
value 0.00869
scoring_system epss
scoring_elements 0.75162
published_at 2026-04-04T12:55:00Z
2
value 0.00869
scoring_system epss
scoring_elements 0.75207
published_at 2026-04-11T12:55:00Z
3
value 0.00869
scoring_system epss
scoring_elements 0.75185
published_at 2026-04-12T12:55:00Z
4
value 0.00869
scoring_system epss
scoring_elements 0.75173
published_at 2026-04-13T12:55:00Z
5
value 0.00869
scoring_system epss
scoring_elements 0.75139
published_at 2026-04-07T12:55:00Z
6
value 0.00869
scoring_system epss
scoring_elements 0.75132
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/jruby/jruby/issues/7342
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://github.com/jruby/jruby/issues/7342
7
reference_url https://github.com/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml
8
reference_url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
9
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
11
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
12
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
reference_id 1019218
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
reference_id 2126789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
15
reference_url https://github.com/advisories/GHSA-3mc7-4q67-w48m
reference_id GHSA-3mc7-4q67-w48m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3mc7-4q67-w48m
16
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
17
reference_url https://access.redhat.com/errata/RHSA-2022:6820
reference_id RHSA-2022:6820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6820
18
reference_url https://access.redhat.com/errata/RHSA-2022:6821
reference_id RHSA-2022:6821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6821
19
reference_url https://access.redhat.com/errata/RHSA-2022:6822
reference_id RHSA-2022:6822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6822
20
reference_url https://access.redhat.com/errata/RHSA-2022:6823
reference_id RHSA-2022:6823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6823
21
reference_url https://access.redhat.com/errata/RHSA-2022:6825
reference_id RHSA-2022:6825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6825
22
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
23
reference_url https://access.redhat.com/errata/RHSA-2022:6941
reference_id RHSA-2022:6941
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6941
24
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
25
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
26
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
27
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
28
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
29
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
30
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
31
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
32
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
33
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
34
reference_url https://access.redhat.com/errata/RHSA-2023:6172
reference_id RHSA-2023:6172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6172
35
reference_url https://access.redhat.com/errata/RHSA-2023:6179
reference_id RHSA-2023:6179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6179
36
reference_url https://access.redhat.com/errata/RHSA-2023:7288
reference_id RHSA-2023:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7288
37
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
38
reference_url https://access.redhat.com/errata/RHSA-2024:0776
reference_id RHSA-2024:0776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0776
39
reference_url https://access.redhat.com/errata/RHSA-2024:0777
reference_id RHSA-2024:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0777
40
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
41
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
42
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-25857, GHSA-3mc7-4q67-w48m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mm3e-4pej-byed
16
url VCID-myp4-24sf-9yfv
vulnerability_id VCID-myp4-24sf-9yfv
summary 
Jettison memory exhaustion
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20272
published_at 2026-04-16T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20284
published_at 2026-04-13T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20343
published_at 2026-04-12T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20388
published_at 2026-04-11T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20358
published_at 2026-04-09T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20299
published_at 2026-04-08T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20219
published_at 2026-04-07T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.2043
published_at 2026-04-02T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20493
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
9
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://github.com/jettison-json/jettison/issues/45
10
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
reference_id 1022553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
reference_id 2135770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
15
reference_url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
reference_id GHSA-x27m-9w8j-5vcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
16
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
17
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
18
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
19
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
20
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
21
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
22
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
23
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
24
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
25
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
26
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
aliases CVE-2022-40150, GHSA-x27m-9w8j-5vcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myp4-24sf-9yfv
17
url VCID-netd-rr9e-wbg5
vulnerability_id VCID-netd-rr9e-wbg5
summary 
Unsafe deserialization in Apache MINA SSHD
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.

Until version 2.1.0, the code affected by this vulnerability appeared in `org.apache.sshd:sshd-core`. Version 2.1.0 contains a [commit](https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0) where the code was moved to the package `org.apache.sshd:sshd-common`, which did not exist until version 2.1.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45047.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45047.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45047
reference_id
reference_type
scores
0
value 0.05083
scoring_system epss
scoring_elements 0.8982
published_at 2026-04-16T12:55:00Z
1
value 0.05083
scoring_system epss
scoring_elements 0.89815
published_at 2026-04-11T12:55:00Z
2
value 0.05083
scoring_system epss
scoring_elements 0.89806
published_at 2026-04-13T12:55:00Z
3
value 0.05083
scoring_system epss
scoring_elements 0.89813
published_at 2026-04-12T12:55:00Z
4
value 0.05083
scoring_system epss
scoring_elements 0.89785
published_at 2026-04-07T12:55:00Z
5
value 0.05083
scoring_system epss
scoring_elements 0.89802
published_at 2026-04-08T12:55:00Z
6
value 0.05083
scoring_system epss
scoring_elements 0.89809
published_at 2026-04-09T12:55:00Z
7
value 0.05378
scoring_system epss
scoring_elements 0.90075
published_at 2026-04-04T12:55:00Z
8
value 0.05378
scoring_system epss
scoring_elements 0.90064
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45047
2
reference_url https://github.com/apache/mina-sshd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd
3
reference_url https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32
4
reference_url https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0
5
reference_url https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45047
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45047
7
reference_url https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2145194
reference_id 2145194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2145194
9
reference_url https://github.com/advisories/GHSA-fhw8-8j55-vwgq
reference_id GHSA-fhw8-8j55-vwgq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fhw8-8j55-vwgq
10
reference_url https://access.redhat.com/errata/RHSA-2022:8957
reference_id RHSA-2022:8957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8957
11
reference_url https://access.redhat.com/errata/RHSA-2023:0074
reference_id RHSA-2023:0074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0074
12
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
13
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
14
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
15
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
16
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
17
reference_url https://access.redhat.com/errata/RHSA-2023:0713
reference_id RHSA-2023:0713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0713
18
reference_url https://access.redhat.com/errata/RHSA-2023:0758
reference_id RHSA-2023:0758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0758
19
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
20
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
21
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
22
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
23
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
24
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
25
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-45047, GHSA-fhw8-8j55-vwgq
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-netd-rr9e-wbg5
18
url VCID-ptd4-8f7f-hyg6
vulnerability_id VCID-ptd4-8f7f-hyg6
summary 
Moment.js vulnerable to Inefficient Regular Expression Complexity
### Impact

* using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs
* noticeable slowdown is observed with inputs above 10k characters
* users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks

### Patches
The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking.

### Workarounds
In general, given the proliferation of ReDoS attacks, it makes sense to limit the length of the user input to something sane, like 200 characters or less. I haven't seen legitimate cases of date-time strings longer than that, so all moment users who do pass a user-originating string to constructor are encouraged to apply such a rudimentary filter, that would help with this but also most future ReDoS vulnerabilities.

### References
There is an excellent writeup of the issue here: https://github.com/moment/moment/pull/6015#issuecomment-1152961973=

### Details
The issue is rooted in the code that removes legacy comments (stuff inside parenthesis) from strings during rfc2822 parsing. `moment("(".repeat(500000))` will take a few minutes to process, which is unacceptable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
reference_id
reference_type
scores
0
value 0.03435
scoring_system epss
scoring_elements 0.87494
published_at 2026-04-16T12:55:00Z
1
value 0.03435
scoring_system epss
scoring_elements 0.87433
published_at 2026-04-02T12:55:00Z
2
value 0.03435
scoring_system epss
scoring_elements 0.87448
published_at 2026-04-04T12:55:00Z
3
value 0.03435
scoring_system epss
scoring_elements 0.87449
published_at 2026-04-07T12:55:00Z
4
value 0.03435
scoring_system epss
scoring_elements 0.87469
published_at 2026-04-08T12:55:00Z
5
value 0.03435
scoring_system epss
scoring_elements 0.87475
published_at 2026-04-09T12:55:00Z
6
value 0.03435
scoring_system epss
scoring_elements 0.87487
published_at 2026-04-11T12:55:00Z
7
value 0.03435
scoring_system epss
scoring_elements 0.87482
published_at 2026-04-12T12:55:00Z
8
value 0.03435
scoring_system epss
scoring_elements 0.87479
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moment/moment
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment
5
reference_url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
6
reference_url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
7
reference_url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
8
reference_url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
9
reference_url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
10
reference_url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
11
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
12
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
22
reference_url https://security.netapp.com/advisory/ntap-20221014-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221014-0003
23
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241108-0002
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
reference_id 1014845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
reference_id 2105075
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
reference_id 6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
27
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
reference_id f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
28
reference_url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
reference_id GHSA-wc69-rhjr-hc9g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
reference_id IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
30
reference_url https://security.netapp.com/advisory/ntap-20221014-0003/
reference_id ntap-20221014-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://security.netapp.com/advisory/ntap-20221014-0003/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
reference_id ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
32
reference_url https://access.redhat.com/errata/RHSA-2022:5913
reference_id RHSA-2022:5913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5913
33
reference_url https://access.redhat.com/errata/RHSA-2022:5914
reference_id RHSA-2022:5914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5914
34
reference_url https://access.redhat.com/errata/RHSA-2022:5915
reference_id RHSA-2022:5915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5915
35
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
36
reference_url https://access.redhat.com/errata/RHSA-2022:6271
reference_id RHSA-2022:6271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6271
37
reference_url https://access.redhat.com/errata/RHSA-2022:6272
reference_id RHSA-2022:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6272
38
reference_url https://access.redhat.com/errata/RHSA-2022:6277
reference_id RHSA-2022:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6277
39
reference_url https://access.redhat.com/errata/RHSA-2022:6392
reference_id RHSA-2022:6392
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6392
40
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
41
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
42
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
43
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
44
reference_url https://access.redhat.com/errata/RHSA-2023:3623
reference_id RHSA-2023:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3623
45
reference_url https://usn.ubuntu.com/5559-1/
reference_id USN-5559-1
reference_type
scores
url https://usn.ubuntu.com/5559-1/
46
reference_url https://usn.ubuntu.com/6550-1/
reference_id USN-6550-1
reference_type
scores
url https://usn.ubuntu.com/6550-1/
47
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
reference_id ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
fixed_packages
aliases CVE-2022-31129, GHSA-wc69-rhjr-hc9g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptd4-8f7f-hyg6
19
url VCID-qxfs-sq38-jfad
vulnerability_id VCID-qxfs-sq38-jfad
summary 
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38751.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38751.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38751
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43507
published_at 2026-04-16T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43475
published_at 2026-04-09T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43447
published_at 2026-04-13T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43462
published_at 2026-04-12T12:55:00Z
4
value 0.0021
scoring_system epss
scoring_elements 0.43493
published_at 2026-04-11T12:55:00Z
5
value 0.0021
scoring_system epss
scoring_elements 0.43461
published_at 2026-04-08T12:55:00Z
6
value 0.0021
scoring_system epss
scoring_elements 0.43445
published_at 2026-04-02T12:55:00Z
7
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-04-04T12:55:00Z
8
value 0.0021
scoring_system epss
scoring_elements 0.4341
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38751
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:32Z/
url https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039
4
reference_url https://bitbucket.org/snakeyaml/snakeyaml/src/master/src/test/java/org/yaml/snakeyaml/issues/issue530/Fuzzy47039Test.java
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/src/master/src/test/java/org/yaml/snakeyaml/issues/issue530/Fuzzy47039Test.java
5
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:32Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38751
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38751
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:32Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-38751
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-38751
10
reference_url https://security.gentoo.org/glsa/202305-28
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:32Z/
url https://security.gentoo.org/glsa/202305-28
11
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2129709
reference_id 2129709
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2129709
13
reference_url https://github.com/advisories/GHSA-98wm-3w3q-mw94
reference_id GHSA-98wm-3w3q-mw94
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98wm-3w3q-mw94
14
reference_url https://security.netapp.com/advisory/ntap-20240315-0010/
reference_id ntap-20240315-0010
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:32Z/
url https://security.netapp.com/advisory/ntap-20240315-0010/
15
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
16
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
17
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
18
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
19
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
20
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
21
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-38751, GHSA-98wm-3w3q-mw94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxfs-sq38-jfad
20
url VCID-sqx4-euc2-myew
vulnerability_id VCID-sqx4-euc2-myew
summary 
Jettison parser crash by stackoverflow
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.67977
published_at 2026-04-16T12:55:00Z
1
value 0.0055
scoring_system epss
scoring_elements 0.67939
published_at 2026-04-13T12:55:00Z
2
value 0.0055
scoring_system epss
scoring_elements 0.67974
published_at 2026-04-12T12:55:00Z
3
value 0.0055
scoring_system epss
scoring_elements 0.67964
published_at 2026-04-09T12:55:00Z
4
value 0.0055
scoring_system epss
scoring_elements 0.67988
published_at 2026-04-11T12:55:00Z
5
value 0.0055
scoring_system epss
scoring_elements 0.6795
published_at 2026-04-08T12:55:00Z
6
value 0.0055
scoring_system epss
scoring_elements 0.67899
published_at 2026-04-07T12:55:00Z
7
value 0.0055
scoring_system epss
scoring_elements 0.6792
published_at 2026-04-04T12:55:00Z
8
value 0.0055
scoring_system epss
scoring_elements 0.67901
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://github.com/jettison-json/jettison/issues/45
9
reference_url https://github.com/jettison-json/jettison/pull/49/files
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/pull/49/files
10
reference_url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
11
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
reference_id 1022554
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
reference_id 2135771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
reference_id CVE-2022-40149
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
16
reference_url https://github.com/advisories/GHSA-56h3-78gp-v83r
reference_id GHSA-56h3-78gp-v83r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-56h3-78gp-v83r
17
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
18
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
19
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
20
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
21
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
22
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
23
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
24
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
25
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
26
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
27
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
aliases CVE-2022-40149, GHSA-56h3-78gp-v83r
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqx4-euc2-myew
21
url VCID-turp-dju7-c7fx
vulnerability_id VCID-turp-dju7-c7fx
summary 
Prototype Pollution in minimist
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
reference_id
reference_type
scores
0
value 0.00882
scoring_system epss
scoring_elements 0.75432
published_at 2026-04-16T12:55:00Z
1
value 0.00882
scoring_system epss
scoring_elements 0.75337
published_at 2026-04-01T12:55:00Z
2
value 0.00882
scoring_system epss
scoring_elements 0.75391
published_at 2026-04-13T12:55:00Z
3
value 0.00882
scoring_system epss
scoring_elements 0.75402
published_at 2026-04-12T12:55:00Z
4
value 0.00882
scoring_system epss
scoring_elements 0.75424
published_at 2026-04-11T12:55:00Z
5
value 0.00882
scoring_system epss
scoring_elements 0.75404
published_at 2026-04-09T12:55:00Z
6
value 0.00882
scoring_system epss
scoring_elements 0.7534
published_at 2026-04-02T12:55:00Z
7
value 0.00882
scoring_system epss
scoring_elements 0.75372
published_at 2026-04-04T12:55:00Z
8
value 0.00882
scoring_system epss
scoring_elements 0.75351
published_at 2026-04-07T12:55:00Z
9
value 0.00882
scoring_system epss
scoring_elements 0.75395
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
5
reference_url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
6
reference_url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
7
reference_url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
8
reference_url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
9
reference_url https://github.com/minimistjs/minimist/commits/v0.2.4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commits/v0.2.4
10
reference_url https://github.com/minimistjs/minimist/issues/11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/issues/11
11
reference_url https://github.com/minimistjs/minimist/pull/24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/pull/24
12
reference_url https://github.com/substack/minimist
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist
13
reference_url https://github.com/substack/minimist/blob/master/index.js#L69
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/blob/master/index.js#L69
14
reference_url https://github.com/substack/minimist/issues/164
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/issues/164
15
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
16
reference_url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
17
reference_url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
reference_id 2066009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
reference_id CVE-2021-44906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
20
reference_url https://github.com/advisories/GHSA-xvch-5gv4-984h
reference_id GHSA-xvch-5gv4-984h
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvch-5gv4-984h
21
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
22
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
23
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
24
reference_url https://access.redhat.com/errata/RHSA-2022:5892
reference_id RHSA-2022:5892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5892
25
reference_url https://access.redhat.com/errata/RHSA-2022:5893
reference_id RHSA-2022:5893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5893
26
reference_url https://access.redhat.com/errata/RHSA-2022:5894
reference_id RHSA-2022:5894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5894
27
reference_url https://access.redhat.com/errata/RHSA-2022:5928
reference_id RHSA-2022:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5928
28
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
29
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
30
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
31
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
32
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
33
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
34
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
35
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
36
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2021-44906, GHSA-xvch-5gv4-984h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-turp-dju7-c7fx
22
url VCID-v2pq-1qhm-4qb9
vulnerability_id VCID-v2pq-1qhm-4qb9
summary Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42004.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42004.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42004
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50708
published_at 2026-04-04T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.50683
published_at 2026-04-02T12:55:00Z
2
value 0.00273
scoring_system epss
scoring_elements 0.5076
published_at 2026-04-16T12:55:00Z
3
value 0.00273
scoring_system epss
scoring_elements 0.50735
published_at 2026-04-12T12:55:00Z
4
value 0.00273
scoring_system epss
scoring_elements 0.50758
published_at 2026-04-11T12:55:00Z
5
value 0.00273
scoring_system epss
scoring_elements 0.50716
published_at 2026-04-09T12:55:00Z
6
value 0.00273
scoring_system epss
scoring_elements 0.50719
published_at 2026-04-13T12:55:00Z
7
value 0.00273
scoring_system epss
scoring_elements 0.50664
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42004
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/FasterXML/jackson-databind
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind
8
reference_url https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
9
reference_url https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252
10
reference_url https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
11
reference_url https://github.com/FasterXML/jackson-databind/issues/3582
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/issues/3582
12
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42004
14
reference_url https://security.netapp.com/advisory/ntap-20221118-0008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221118-0008
15
reference_url https://www.debian.org/security/2022/dsa-5283
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5283
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135247
reference_id 2135247
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135247
17
reference_url https://github.com/advisories/GHSA-rgv9-q543-rqg4
reference_id GHSA-rgv9-q543-rqg4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rgv9-q543-rqg4
18
reference_url https://security.gentoo.org/glsa/202210-21
reference_id GLSA-202210-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202210-21
19
reference_url https://access.redhat.com/errata/RHSA-2022:7435
reference_id RHSA-2022:7435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7435
20
reference_url https://access.redhat.com/errata/RHSA-2022:8781
reference_id RHSA-2022:8781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8781
21
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
22
reference_url https://access.redhat.com/errata/RHSA-2022:8889
reference_id RHSA-2022:8889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8889
23
reference_url https://access.redhat.com/errata/RHSA-2022:9023
reference_id RHSA-2022:9023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9023
24
reference_url https://access.redhat.com/errata/RHSA-2022:9032
reference_id RHSA-2022:9032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9032
25
reference_url https://access.redhat.com/errata/RHSA-2023:0189
reference_id RHSA-2023:0189
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0189
26
reference_url https://access.redhat.com/errata/RHSA-2023:0264
reference_id RHSA-2023:0264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0264
27
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
28
reference_url https://access.redhat.com/errata/RHSA-2023:0471
reference_id RHSA-2023:0471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0471
29
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
30
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
31
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
32
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
33
reference_url https://access.redhat.com/errata/RHSA-2023:0713
reference_id RHSA-2023:0713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0713
34
reference_url https://access.redhat.com/errata/RHSA-2023:1006
reference_id RHSA-2023:1006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1006
35
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
36
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
37
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
38
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
39
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
40
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
41
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
42
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-42004, GHSA-rgv9-q543-rqg4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2pq-1qhm-4qb9
23
url VCID-vfsr-kypp-wbea
vulnerability_id VCID-vfsr-kypp-wbea
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-container property of tooltip.
references
0
reference_url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14042.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14042.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14042
reference_id
reference_type
scores
0
value 0.02276
scoring_system epss
scoring_elements 0.84624
published_at 2026-04-04T12:55:00Z
1
value 0.02276
scoring_system epss
scoring_elements 0.8459
published_at 2026-04-01T12:55:00Z
2
value 0.02276
scoring_system epss
scoring_elements 0.84604
published_at 2026-04-02T12:55:00Z
3
value 0.02281
scoring_system epss
scoring_elements 0.84684
published_at 2026-04-12T12:55:00Z
4
value 0.02281
scoring_system epss
scoring_elements 0.84679
published_at 2026-04-13T12:55:00Z
5
value 0.02331
scoring_system epss
scoring_elements 0.84819
published_at 2026-04-08T12:55:00Z
6
value 0.02331
scoring_system epss
scoring_elements 0.84825
published_at 2026-04-09T12:55:00Z
7
value 0.02331
scoring_system epss
scoring_elements 0.84844
published_at 2026-04-11T12:55:00Z
8
value 0.02331
scoring_system epss
scoring_elements 0.84797
published_at 2026-04-07T12:55:00Z
9
value 0.02343
scoring_system epss
scoring_elements 0.84897
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14042
3
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
4
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042
6
reference_url http://seclists.org/fulldisclosure/2019/May/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/10
7
reference_url http://seclists.org/fulldisclosure/2019/May/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/11
8
reference_url http://seclists.org/fulldisclosure/2019/May/13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/13
9
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
10
reference_url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
11
reference_url https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0
12
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26423
13
reference_url https://github.com/twbs/bootstrap/issues/26428
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26428
14
reference_url https://github.com/twbs/bootstrap/issues/26628
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26628
15
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/26630
16
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
28
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/18
29
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
30
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-14
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1601617
reference_id 1601617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1601617
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907414
reference_id 907414
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907414
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14042
reference_id CVE-2018-14042
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14042
44
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14042.yml
reference_id CVE-2018-14042.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14042.yml
45
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14042.yml
reference_id CVE-2018-14042.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14042.yml
46
reference_url https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
reference_id GHSA-7mvr-5x2g-wfc8
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
47
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
48
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
49
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
50
reference_url https://access.redhat.com/errata/RHSA-2020:5571
reference_id RHSA-2020:5571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5571
51
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
52
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
53
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
54
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
fixed_packages
aliases CVE-2018-14042, GHSA-7mvr-5x2g-wfc8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfsr-kypp-wbea
24
url VCID-wp9q-eurd-43dx
vulnerability_id VCID-wp9q-eurd-43dx
summary 
Jettison Out-of-bounds Write vulnerability
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45693.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45693
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32579
published_at 2026-04-13T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32607
published_at 2026-04-12T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.32645
published_at 2026-04-11T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32642
published_at 2026-04-09T12:55:00Z
4
value 0.00131
scoring_system epss
scoring_elements 0.32748
published_at 2026-04-04T12:55:00Z
5
value 0.00131
scoring_system epss
scoring_elements 0.32713
published_at 2026-04-02T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.32617
published_at 2026-04-08T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.32569
published_at 2026-04-07T12:55:00Z
8
value 0.00139
scoring_system epss
scoring_elements 0.3412
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/52
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://github.com/jettison-json/jettison/issues/52
9
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45693
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45693
11
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://www.debian.org/security/2023/dsa-5312
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155970
reference_id 2155970
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155970
13
reference_url https://github.com/advisories/GHSA-grr4-wv38-f68w
reference_id GHSA-grr4-wv38-f68w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-grr4-wv38-f68w
14
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
15
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
16
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
17
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
18
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
19
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
20
reference_url https://access.redhat.com/errata/RHSA-2024:1027
reference_id RHSA-2024:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1027
21
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
22
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
23
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
aliases CVE-2022-45693, GHSA-grr4-wv38-f68w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp9q-eurd-43dx
25
url VCID-xy58-u3se-wfdb
vulnerability_id VCID-xy58-u3se-wfdb
summary 
Keycloak vulnerable to user impersonation via stolen UUID code
Keycloak's OpenID Connect user authentication was found to incorrectly authenticate requests. An authenticated attacker who could also obtain a certain piece of info from a user request, from a victim within the same realm, could use that data to impersonate the victim and generate new session tokens.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0264.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0264.json
1
reference_url https://access.redhat.com/security/cve/CVE-2023-0264
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-0264
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0264
reference_id
reference_type
scores
0
value 0.03942
scoring_system epss
scoring_elements 0.88358
published_at 2026-04-16T12:55:00Z
1
value 0.03942
scoring_system epss
scoring_elements 0.88299
published_at 2026-04-02T12:55:00Z
2
value 0.03942
scoring_system epss
scoring_elements 0.88313
published_at 2026-04-04T12:55:00Z
3
value 0.03942
scoring_system epss
scoring_elements 0.88317
published_at 2026-04-07T12:55:00Z
4
value 0.03942
scoring_system epss
scoring_elements 0.88337
published_at 2026-04-08T12:55:00Z
5
value 0.03942
scoring_system epss
scoring_elements 0.88343
published_at 2026-04-09T12:55:00Z
6
value 0.03942
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-11T12:55:00Z
7
value 0.03942
scoring_system epss
scoring_elements 0.88345
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0264
3
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
4
reference_url https://github.com/keycloak/keycloak/commit/ec8109112e67208c13e13f6d1f8706a5a3ba8d4c
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/ec8109112e67208c13e13f6d1f8706a5a3ba8d4c
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0264
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0264
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160585
reference_id 2160585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2160585
7
reference_url https://github.com/advisories/GHSA-9g98-5mj6-f9mv
reference_id GHSA-9g98-5mj6-f9mv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9g98-5mj6-f9mv
8
reference_url https://github.com/keycloak/keycloak/security/advisories/GHSA-9g98-5mj6-f9mv
reference_id GHSA-9g98-5mj6-f9mv
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/security/advisories/GHSA-9g98-5mj6-f9mv
fixed_packages
aliases CVE-2023-0264, GHSA-9g98-5mj6-f9mv, GMS-2023-573
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xy58-u3se-wfdb
26
url VCID-xzs8-rbhd-mkbp
vulnerability_id VCID-xzs8-rbhd-mkbp
summary 
Apache CXF vulnerable to Exposure of Sensitive Information
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46363.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
reference_id
reference_type
scores
0
value 0.00089
scoring_system epss
scoring_elements 0.25411
published_at 2026-04-02T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.34031
published_at 2026-04-12T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.34074
published_at 2026-04-11T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.34002
published_at 2026-04-07T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.34008
published_at 2026-04-13T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.34076
published_at 2026-04-09T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34142
published_at 2026-04-04T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34045
published_at 2026-04-08T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35319
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46363
2
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
3
reference_url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T02:50:18Z/
url https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46363
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
reference_id 2155681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155681
6
reference_url https://github.com/advisories/GHSA-3w37-5p3p-jv92
reference_id GHSA-3w37-5p3p-jv92
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w37-5p3p-jv92
7
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
8
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
9
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
10
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
11
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
12
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-46363, GHSA-3w37-5p3p-jv92
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzs8-rbhd-mkbp
27
url VCID-y1np-kma2-ayfn
vulnerability_id VCID-y1np-kma2-ayfn
summary 
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or take a disproportional amount of time to process. This issue has been patched in versions 1.4.2, 2.0.4 and 3.2.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37603.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37603.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37603
reference_id
reference_type
scores
0
value 0.01264
scoring_system epss
scoring_elements 0.79399
published_at 2026-04-02T12:55:00Z
1
value 0.01264
scoring_system epss
scoring_elements 0.79422
published_at 2026-04-04T12:55:00Z
2
value 0.01264
scoring_system epss
scoring_elements 0.79409
published_at 2026-04-07T12:55:00Z
3
value 0.01264
scoring_system epss
scoring_elements 0.79436
published_at 2026-04-08T12:55:00Z
4
value 0.01331
scoring_system epss
scoring_elements 0.79951
published_at 2026-04-13T12:55:00Z
5
value 0.01331
scoring_system epss
scoring_elements 0.79979
published_at 2026-04-16T12:55:00Z
6
value 0.01331
scoring_system epss
scoring_elements 0.79956
published_at 2026-04-09T12:55:00Z
7
value 0.01331
scoring_system epss
scoring_elements 0.79959
published_at 2026-04-12T12:55:00Z
8
value 0.01331
scoring_system epss
scoring_elements 0.79976
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37603
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37603
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37603
3
reference_url https://github.com/webpack/loader-utils
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/webpack/loader-utils
4
reference_url https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L107
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L107
5
reference_url https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38
6
reference_url https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa
7
reference_url https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb
8
reference_url https://github.com/webpack/loader-utils/commit/d2d752d59629daee38f34b24307221349c490eb1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/webpack/loader-utils/commit/d2d752d59629daee38f34b24307221349c490eb1
9
reference_url https://github.com/webpack/loader-utils/issues/213
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://github.com/webpack/loader-utils/issues/213
10
reference_url https://github.com/webpack/loader-utils/issues/216
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/webpack/loader-utils/issues/216
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37603
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37603
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140597
reference_id 2140597
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140597
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/
reference_id ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/
20
reference_url https://github.com/advisories/GHSA-3rfm-jhwj-7488
reference_id GHSA-3rfm-jhwj-7488
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rfm-jhwj-7488
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/
reference_id KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/
22
reference_url https://access.redhat.com/errata/RHSA-2022:8781
reference_id RHSA-2022:8781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8781
23
reference_url https://access.redhat.com/errata/RHSA-2023:0471
reference_id RHSA-2023:0471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0471
24
reference_url https://access.redhat.com/errata/RHSA-2023:0713
reference_id RHSA-2023:0713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0713
25
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
26
reference_url https://access.redhat.com/errata/RHSA-2023:1428
reference_id RHSA-2023:1428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1428
27
reference_url https://access.redhat.com/errata/RHSA-2023:3374
reference_id RHSA-2023:3374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3374
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/
reference_id VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:51:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/
fixed_packages
aliases CVE-2022-37603, GHSA-3rfm-jhwj-7488
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y1np-kma2-ayfn
28
url VCID-y3ey-aab7-q3fk
vulnerability_id VCID-y3ey-aab7-q3fk
summary 
Prototype Pollution in JSON5 via Parse Method
The `parse` method of the JSON5 library before and including version `2.2.1` does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object.

This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations.

## Impact
This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution.

## Mitigation
This vulnerability is patched in json5 v2.2.2 and later. A patch has also been backported for json5 v1 in versions v1.0.2 and later.

## Details
 
Suppose a developer wants to allow users and admins to perform some risky operation, but they want to restrict what non-admins can do. To accomplish this, they accept a JSON blob from the user, parse it using `JSON5.parse`, confirm that the provided data does not set some sensitive keys, and then performs the risky operation using the validated data:
 
```js
const JSON5 = require('json5');

const doSomethingDangerous = (props) => {
  if (props.isAdmin) {
    console.log('Doing dangerous thing as admin.');
  } else {
    console.log('Doing dangerous thing as user.');
  }
};

const secCheckKeysSet = (obj, searchKeys) => {
  let searchKeyFound = false;
  Object.keys(obj).forEach((key) => {
    if (searchKeys.indexOf(key) > -1) {
      searchKeyFound = true;
    }
  });
  return searchKeyFound;
};

const props = JSON5.parse('{"foo": "bar"}');
if (!secCheckKeysSet(props, ['isAdmin', 'isMod'])) {
  doSomethingDangerous(props); // "Doing dangerous thing as user."
} else {
  throw new Error('Forbidden...');
}
```
 
If the user attempts to set the `isAdmin` key, their request will be rejected:
 
```js
const props = JSON5.parse('{"foo": "bar", "isAdmin": true}');
if (!secCheckKeysSet(props, ['isAdmin', 'isMod'])) {
  doSomethingDangerous(props);
} else {
  throw new Error('Forbidden...'); // Error: Forbidden...
}
```
 
However, users can instead set the `__proto__` key to `{"isAdmin": true}`. `JSON5` will parse this key and will set the `isAdmin` key on the prototype of the returned object, allowing the user to bypass the security check and run their request as an admin:
 
```js
const props = JSON5.parse('{"foo": "bar", "__proto__": {"isAdmin": true}}');
if (!secCheckKeysSet(props, ['isAdmin', 'isMod'])) {
  doSomethingDangerous(props); // "Doing dangerous thing as admin."
} else {
  throw new Error('Forbidden...');
}
 ```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46175.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46175
reference_id
reference_type
scores
0
value 0.46501
scoring_system epss
scoring_elements 0.97664
published_at 2026-04-16T12:55:00Z
1
value 0.46501
scoring_system epss
scoring_elements 0.97656
published_at 2026-04-13T12:55:00Z
2
value 0.46501
scoring_system epss
scoring_elements 0.97653
published_at 2026-04-11T12:55:00Z
3
value 0.46501
scoring_system epss
scoring_elements 0.97651
published_at 2026-04-09T12:55:00Z
4
value 0.46501
scoring_system epss
scoring_elements 0.97644
published_at 2026-04-07T12:55:00Z
5
value 0.46501
scoring_system epss
scoring_elements 0.97643
published_at 2026-04-04T12:55:00Z
6
value 0.46501
scoring_system epss
scoring_elements 0.97641
published_at 2026-04-02T12:55:00Z
7
value 0.46501
scoring_system epss
scoring_elements 0.97649
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46175
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46175
3
reference_url https://github.com/json5/json5
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5
4
reference_url https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972
5
reference_url https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8
6
reference_url https://github.com/json5/json5/issues/199
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/issues/199
7
reference_url https://github.com/json5/json5/issues/295
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/issues/295
8
reference_url https://github.com/json5/json5/pull/298
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/pull/298
9
reference_url https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h
10
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00021.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/11/msg00021.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3S26TLPLVFAJTUN3VIXFDEBEXDYO22CE
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3S26TLPLVFAJTUN3VIXFDEBEXDYO22CE
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46175
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46175
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027145
reference_id 1027145
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027145
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2156263
reference_id 2156263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2156263
15
reference_url https://github.com/advisories/GHSA-9c47-m6qq-7p4h
reference_id GHSA-9c47-m6qq-7p4h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9c47-m6qq-7p4h
16
reference_url https://access.redhat.com/errata/RHSA-2023:0634
reference_id RHSA-2023:0634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0634
17
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
18
reference_url https://access.redhat.com/errata/RHSA-2023:1428
reference_id RHSA-2023:1428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1428
19
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
20
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
21
reference_url https://usn.ubuntu.com/6758-1/
reference_id USN-6758-1
reference_type
scores
url https://usn.ubuntu.com/6758-1/
fixed_packages
aliases CVE-2022-46175, GHSA-9c47-m6qq-7p4h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3ey-aab7-q3fk
29
url VCID-y8up-mkx2-abcn
vulnerability_id VCID-y8up-mkx2-abcn
summary 
Apache CXF Server-Side Request Forgery vulnerability
A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30863
published_at 2026-04-02T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.3082
published_at 2026-04-09T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30788
published_at 2026-04-08T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30729
published_at 2026-04-07T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30909
published_at 2026-04-04T12:55:00Z
5
value 0.00135
scoring_system epss
scoring_elements 0.33218
published_at 2026-04-16T12:55:00Z
6
value 0.00135
scoring_system epss
scoring_elements 0.33241
published_at 2026-04-11T12:55:00Z
7
value 0.00135
scoring_system epss
scoring_elements 0.33201
published_at 2026-04-12T12:55:00Z
8
value 0.00135
scoring_system epss
scoring_elements 0.33177
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46364
2
reference_url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-22T02:48:12Z/
url https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46364
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
reference_id 2155682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155682
5
reference_url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
reference_id GHSA-x3x3-qwjq-8gj4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3x3-qwjq-8gj4
6
reference_url https://access.redhat.com/errata/RHSA-2023:0163
reference_id RHSA-2023:0163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0163
7
reference_url https://access.redhat.com/errata/RHSA-2023:0164
reference_id RHSA-2023:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0164
8
reference_url https://access.redhat.com/errata/RHSA-2023:0483
reference_id RHSA-2023:0483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0483
9
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
10
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
11
reference_url https://access.redhat.com/errata/RHSA-2023:1285
reference_id RHSA-2023:1285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1285
12
reference_url https://access.redhat.com/errata/RHSA-2023:1286
reference_id RHSA-2023:1286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1286
13
reference_url https://access.redhat.com/errata/RHSA-2023:2041
reference_id RHSA-2023:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2041
14
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
fixed_packages
aliases CVE-2022-46364, GHSA-x3x3-qwjq-8gj4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-mkx2-abcn
30
url VCID-y9aa-2a31-ufa7
vulnerability_id VCID-y9aa-2a31-ufa7
summary 
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
glob-parent 6.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1.

This vulnerability is separate from [GHSA-ww39-953v-wcq6](https://github.com/advisories/GHSA-ww39-953v-wcq6).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35065.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35065.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-35065
reference_id
reference_type
scores
0
value 0.00431
scoring_system epss
scoring_elements 0.62599
published_at 2026-04-04T12:55:00Z
1
value 0.00431
scoring_system epss
scoring_elements 0.62567
published_at 2026-04-02T12:55:00Z
2
value 0.00431
scoring_system epss
scoring_elements 0.62509
published_at 2026-04-01T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70175
published_at 2026-04-11T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70152
published_at 2026-04-09T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70089
published_at 2026-04-07T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70136
published_at 2026-04-08T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.70191
published_at 2026-04-16T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70148
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.70161
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-35065
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065
3
reference_url https://github.com/gulpjs/glob-parent
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent
4
reference_url https://github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47
5
reference_url https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
6
reference_url https://github.com/gulpjs/glob-parent/pull/36
reference_id
reference_type
scores
url https://github.com/gulpjs/glob-parent/pull/36
7
reference_url https://github.com/gulpjs/glob-parent/pull/49
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://github.com/gulpjs/glob-parent/pull/49
8
reference_url https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
reference_id
reference_type
scores
url https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
9
reference_url https://github.com/gulpjs/glob-parent/releases/tag/v6.0.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent/releases/tag/v6.0.1
10
reference_url https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1103
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1103
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35065
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-35065
12
reference_url https://security.netapp.com/advisory/ntap-20230214-0010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230214-0010
13
reference_url https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294
14
reference_url https://www.mend.io/vulnerability-database/CVE-2021-35065
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mend.io/vulnerability-database/CVE-2021-35065
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2156324
reference_id 2156324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2156324
16
reference_url https://github.com/advisories/GHSA-cj88-88mr-972w
reference_id GHSA-cj88-88mr-972w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj88-88mr-972w
17
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
18
reference_url https://access.redhat.com/errata/RHSA-2023:0634
reference_id RHSA-2023:0634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0634
19
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
20
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
21
reference_url https://access.redhat.com/errata/RHSA-2023:1582
reference_id RHSA-2023:1582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1582
22
reference_url https://access.redhat.com/errata/RHSA-2023:1583
reference_id RHSA-2023:1583
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1583
23
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
24
reference_url https://access.redhat.com/errata/RHSA-2023:1743
reference_id RHSA-2023:1743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1743
25
reference_url https://access.redhat.com/errata/RHSA-2023:2654
reference_id RHSA-2023:2654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2654
26
reference_url https://access.redhat.com/errata/RHSA-2023:2655
reference_id RHSA-2023:2655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2655
fixed_packages
aliases CVE-2021-35065, GHSA-cj88-88mr-972w, GMS-2022-3113
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9aa-2a31-ufa7
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el7sso