Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1?arch=el7eap

Type rpm

Namespace redhat

Name eap7-netty

Version 4.1.86-1.Final_redhat_00001.1

Qualifiers

arch	el7eap

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-4s4f-emvn-9bhh

vulnerability_id

VCID-4s4f-emvn-9bhh

summary

Apache James MIME4J vulnerable to information disclosure to local users
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45787.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45787.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-45787

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.00892
published_at	2026-04-26T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00889
published_at	2026-04-29T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00888
published_at	2026-04-21T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00836
published_at	2026-04-16T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00835
published_at	2026-04-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00841
published_at	2026-04-18T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0085
published_at	2026-04-09T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00853
published_at	2026-04-08T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00848
published_at	2026-04-07T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00847
published_at	2026-04-04T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00846
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-45787

reference_url

https://github.com/apache/james-mime4j

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j

reference_url

https://github.com/apache/james-mime4j/blob/master/CHANGELOG.md#089---2022-12-30

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j/blob/master/CHANGELOG.md#089---2022-12-30

reference_url

https://github.com/apache/james-mime4j/commit/021eb79ba312fe5a7f99fa867ee5350aa5533069

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/james-mime4j/commit/021eb79ba312fe5a7f99fa867ee5350aa5533069

reference_url

https://issues.apache.org/jira/browse/MIME4J-322

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/MIME4J-322

reference_url

https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T19:31:06Z/

url

https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-45787

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-45787

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2158916
reference_id	2158916
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2158916

reference_url

https://github.com/advisories/GHSA-q84x-3476-8ff2

reference_id

GHSA-q84x-3476-8ff2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q84x-3476-8ff2

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3815
reference_id	RHSA-2023:3815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3815

fixed_packages

aliases

CVE-2022-45787, GHSA-q84x-3476-8ff2

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4s4f-emvn-9bhh

url

VCID-knw5-d2nn-vyhq

vulnerability_id

VCID-knw5-d2nn-vyhq

summary

HyperSQL DataBase vulnerable to remote code execution when processing untrusted input
Those using `java.sql.Statement` or `java.sql.PreparedStatement` in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, `System.setProperty("hsqldb.method_class_names", "abc")` or Java argument `-Dhsqldb.method_class_names="abc"` can be used. From version 2.7.1 all classes by default are not accessible except those in `java.lang.Math` and need to be manually enabled.

references

reference_url

http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41853.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41853

reference_id

reference_type

scores

value	0.70144
scoring_system	epss
scoring_elements	0.98689
published_at	2026-04-29T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98666
published_at	2026-04-02T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98669
published_at	2026-04-04T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98672
published_at	2026-04-07T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98673
published_at	2026-04-08T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98674
published_at	2026-04-09T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98676
published_at	2026-04-11T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98677
published_at	2026-04-12T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98678
published_at	2026-04-13T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98681
published_at	2026-04-16T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98682
published_at	2026-04-18T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98683
published_at	2026-04-21T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98687
published_at	2026-04-24T12:55:00Z

value	0.70144
scoring_system	epss
scoring_elements	0.98688
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41853

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41853

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://lists.debian.org/debian-lts-announce/2022/12/msg00020.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41853

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41853

reference_url

https://sourceforge.net/projects/hsqldb

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://sourceforge.net/projects/hsqldb

reference_url

https://www.debian.org/security/2023/dsa-5313

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-21T13:37:02Z/

url

https://www.debian.org/security/2023/dsa-5313

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573
reference_id	1023573
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023573

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2136141
reference_id	2136141
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2136141

reference_url

https://github.com/advisories/GHSA-77xx-rxvh-q682

reference_id

GHSA-77xx-rxvh-q682

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-77xx-rxvh-q682

reference_url	https://access.redhat.com/errata/RHSA-2022:8559
reference_id	RHSA-2022:8559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8559

reference_url	https://access.redhat.com/errata/RHSA-2022:8560
reference_id	RHSA-2022:8560
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8560

reference_url	https://access.redhat.com/errata/RHSA-2022:8652
reference_id	RHSA-2022:8652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8652

reference_url	https://access.redhat.com/errata/RHSA-2023:2100
reference_id	RHSA-2023:2100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2100

fixed_packages

aliases

CVE-2022-41853, GHSA-77xx-rxvh-q682

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-knw5-d2nn-vyhq

url

VCID-qruf-r6dc-3ugj

vulnerability_id

VCID-qruf-r6dc-3ugj

summary

HAProxyMessageDecoder Stack Exhaustion DoS
### Impact
A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion.

### Patches
Users should upgrade to 4.1.86.Final.

### Workarounds
There is no workaround, except using a custom HaProxyMessageDecoder.

### References
When parsing a TLV with type = PP2_TYPE_SSL, the value can be again a TLV with type = PP2_TYPE_SSL and so on.
The only limitation of the recursion is that the TLV length cannot be bigger than 0xffff because it is encoded in an unsigned short type.
Providing a TLV with a nesting level that is large enough will lead to raising of a StackOverflowError.
The StackOverflowError will be caught if HAProxyMessageDecoder is used as part of Netty’s ChannelPipeline, but using it directly without the ChannelPipeline will lead to a thrown exception / crash.


### For more information
If you have any questions or comments about this advisory:
* Open an issue in [netty](https://github.com/netty/netty)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41881.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41881.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41881

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33412
published_at	2026-04-26T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33431
published_at	2026-04-24T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33795
published_at	2026-04-21T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33827
published_at	2026-04-18T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3384
published_at	2026-04-16T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33802
published_at	2026-04-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33826
published_at	2026-04-12T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33868
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3387
published_at	2026-04-09T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33838
published_at	2026-04-08T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33942
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33796
published_at	2026-04-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33911
published_at	2026-04-02T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63589
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v

reference_url

https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41881

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41881

reference_url

https://security.netapp.com/advisory/ntap-20230113-0004

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230113-0004

reference_url	https://security.netapp.com/advisory/ntap-20230113-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20230113-0004/

reference_url

https://www.debian.org/security/2023/dsa-5316

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2023/dsa-5316

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027180
reference_id	1027180
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027180

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2153379
reference_id	2153379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2153379

reference_url

https://github.com/advisories/GHSA-fx2c-96vj-985v

reference_id

GHSA-fx2c-96vj-985v

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fx2c-96vj-985v

reference_url	https://access.redhat.com/errata/RHSA-2023:0577
reference_id	RHSA-2023:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0577

reference_url	https://access.redhat.com/errata/RHSA-2023:0713
reference_id	RHSA-2023:0713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0713

reference_url	https://access.redhat.com/errata/RHSA-2023:0758
reference_id	RHSA-2023:0758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0758

reference_url	https://access.redhat.com/errata/RHSA-2023:0888
reference_id	RHSA-2023:0888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0888

reference_url	https://access.redhat.com/errata/RHSA-2023:2100
reference_id	RHSA-2023:2100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2100

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3373
reference_id	RHSA-2023:3373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3373

reference_url	https://access.redhat.com/errata/RHSA-2023:3374
reference_id	RHSA-2023:3374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3374

reference_url	https://access.redhat.com/errata/RHSA-2023:4627
reference_id	RHSA-2023:4627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4627

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

reference_url	https://usn.ubuntu.com/6049-1/
reference_id	USN-6049-1
reference_type
scores
url	https://usn.ubuntu.com/6049-1/

fixed_packages

aliases

CVE-2022-41881, GHSA-fx2c-96vj-985v

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qruf-r6dc-3ugj

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1%3Farch=el7eap

Package Instance