Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-hal-console@3.2.18-1.Final_redhat_00001.1?arch=el7eap
Typerpm
Namespaceredhat
Nameeap7-hal-console
Version3.2.18-1.Final_redhat_00001.1
Qualifiers
arch el7eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-e3vc-jpft-gye7
vulnerability_id VCID-e3vc-jpft-gye7
summary 
XNIO `notifyReadClosed` method logging message to unexpected end
A flaw was found in XNIO, specifically in the `notifyReadClosed` method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up. A fix for this issue is available on the `3.x` branch of the repository.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0084.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0084.json
1
reference_url https://access.redhat.com/security/cve/CVE-2022-0084
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2022-0084
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0084
reference_id
reference_type
scores
0
value 0.00465
scoring_system epss
scoring_elements 0.64386
published_at 2026-04-18T12:55:00Z
1
value 0.00465
scoring_system epss
scoring_elements 0.64374
published_at 2026-04-16T12:55:00Z
2
value 0.00465
scoring_system epss
scoring_elements 0.64338
published_at 2026-04-13T12:55:00Z
3
value 0.00465
scoring_system epss
scoring_elements 0.64379
published_at 2026-04-11T12:55:00Z
4
value 0.00465
scoring_system epss
scoring_elements 0.64367
published_at 2026-04-12T12:55:00Z
5
value 0.00465
scoring_system epss
scoring_elements 0.64346
published_at 2026-04-04T12:55:00Z
6
value 0.00465
scoring_system epss
scoring_elements 0.64397
published_at 2026-04-24T12:55:00Z
7
value 0.00465
scoring_system epss
scoring_elements 0.64377
published_at 2026-04-21T12:55:00Z
8
value 0.00465
scoring_system epss
scoring_elements 0.64318
published_at 2026-04-02T12:55:00Z
9
value 0.00465
scoring_system epss
scoring_elements 0.64304
published_at 2026-04-07T12:55:00Z
10
value 0.00465
scoring_system epss
scoring_elements 0.64352
published_at 2026-04-08T12:55:00Z
11
value 0.00465
scoring_system epss
scoring_elements 0.64261
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0084
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2064226
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2064226
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0084
5
reference_url https://github.com/xnio/xnio
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/xnio/xnio
6
reference_url https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12
7
reference_url https://github.com/xnio/xnio/pull/291
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/xnio/xnio/pull/291
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0084
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0084
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013280
reference_id 1013280
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013280
10
reference_url https://github.com/advisories/GHSA-76fg-mhrg-fmmg
reference_id GHSA-76fg-mhrg-fmmg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76fg-mhrg-fmmg
11
reference_url https://access.redhat.com/errata/RHSA-2022:2232
reference_id RHSA-2022:2232
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2232
12
reference_url https://access.redhat.com/errata/RHSA-2022:4918
reference_id RHSA-2022:4918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4918
13
reference_url https://access.redhat.com/errata/RHSA-2022:4919
reference_id RHSA-2022:4919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4919
14
reference_url https://access.redhat.com/errata/RHSA-2022:4922
reference_id RHSA-2022:4922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4922
15
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
16
reference_url https://access.redhat.com/errata/RHSA-2022:6782
reference_id RHSA-2022:6782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6782
17
reference_url https://access.redhat.com/errata/RHSA-2022:6783
reference_id RHSA-2022:6783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6783
18
reference_url https://access.redhat.com/errata/RHSA-2022:6787
reference_id RHSA-2022:6787
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6787
19
reference_url https://access.redhat.com/errata/RHSA-2022:7409
reference_id RHSA-2022:7409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7409
20
reference_url https://access.redhat.com/errata/RHSA-2022:7410
reference_id RHSA-2022:7410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7410
21
reference_url https://access.redhat.com/errata/RHSA-2022:7411
reference_id RHSA-2022:7411
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7411
22
reference_url https://access.redhat.com/errata/RHSA-2022:7417
reference_id RHSA-2022:7417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7417
23
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
fixed_packages
aliases CVE-2022-0084, GHSA-76fg-mhrg-fmmg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3vc-jpft-gye7
1
url VCID-hqzr-vc5w-9ff5
vulnerability_id VCID-hqzr-vc5w-9ff5
summary 
Denial of Service due to parser crash
Those using FasterXML/woodstox to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

This vulnerability is only relevant for users making use of the DTD parsing functionality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40152.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40152.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40152
reference_id
reference_type
scores
0
value 0.00803
scoring_system epss
scoring_elements 0.74176
published_at 2026-04-24T12:55:00Z
1
value 0.00803
scoring_system epss
scoring_elements 0.7414
published_at 2026-04-21T12:55:00Z
2
value 0.00803
scoring_system epss
scoring_elements 0.7415
published_at 2026-04-18T12:55:00Z
3
value 0.00803
scoring_system epss
scoring_elements 0.74141
published_at 2026-04-16T12:55:00Z
4
value 0.00803
scoring_system epss
scoring_elements 0.74102
published_at 2026-04-13T12:55:00Z
5
value 0.00803
scoring_system epss
scoring_elements 0.74109
published_at 2026-04-12T12:55:00Z
6
value 0.00803
scoring_system epss
scoring_elements 0.74126
published_at 2026-04-11T12:55:00Z
7
value 0.00803
scoring_system epss
scoring_elements 0.74105
published_at 2026-04-09T12:55:00Z
8
value 0.00803
scoring_system epss
scoring_elements 0.7409
published_at 2026-04-08T12:55:00Z
9
value 0.00803
scoring_system epss
scoring_elements 0.7406
published_at 2026-04-02T12:55:00Z
10
value 0.00803
scoring_system epss
scoring_elements 0.74057
published_at 2026-04-07T12:55:00Z
11
value 0.00803
scoring_system epss
scoring_elements 0.74086
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40152
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47434
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:39:21Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47434
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40152
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/FasterXML/woodstox
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/woodstox
6
reference_url https://github.com/FasterXML/woodstox/issues/157
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/woodstox/issues/157
7
reference_url https://github.com/FasterXML/woodstox/issues/160
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/woodstox/issues/160
8
reference_url https://github.com/FasterXML/woodstox/pull/159
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/woodstox/pull/159
9
reference_url https://github.com/x-stream/xstream/issues/304
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:39:21Z/
url https://github.com/x-stream/xstream/issues/304
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40152
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40152
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032089
reference_id 1032089
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032089
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2134291
reference_id 2134291
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2134291
13
reference_url https://github.com/advisories/GHSA-3f7h-mf4q-vrm4
reference_id GHSA-3f7h-mf4q-vrm4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3f7h-mf4q-vrm4
14
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
15
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
16
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
17
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
18
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
19
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
20
reference_url https://access.redhat.com/errata/RHSA-2023:3299
reference_id RHSA-2023:3299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3299
21
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
22
reference_url https://access.redhat.com/errata/RHSA-2023:3815
reference_id RHSA-2023:3815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3815
23
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
24
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
fixed_packages
aliases CVE-2022-40152, GHSA-3f7h-mf4q-vrm4
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hqzr-vc5w-9ff5
2
url VCID-kexn-gjxj-uudm
vulnerability_id VCID-kexn-gjxj-uudm
summary 
Path Traversal: 'dir/../../filename' in moment.locale
This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg `fr` is directly used to switch moment locale.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24785.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24785.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24785
reference_id
reference_type
scores
0
value 0.02256
scoring_system epss
scoring_elements 0.84651
published_at 2026-04-24T12:55:00Z
1
value 0.02256
scoring_system epss
scoring_elements 0.84592
published_at 2026-04-09T12:55:00Z
2
value 0.02256
scoring_system epss
scoring_elements 0.84611
published_at 2026-04-11T12:55:00Z
3
value 0.02256
scoring_system epss
scoring_elements 0.84624
published_at 2026-04-21T12:55:00Z
4
value 0.02256
scoring_system epss
scoring_elements 0.84622
published_at 2026-04-18T12:55:00Z
5
value 0.02256
scoring_system epss
scoring_elements 0.84606
published_at 2026-04-12T12:55:00Z
6
value 0.02256
scoring_system epss
scoring_elements 0.84601
published_at 2026-04-13T12:55:00Z
7
value 0.02256
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-16T12:55:00Z
8
value 0.02256
scoring_system epss
scoring_elements 0.84564
published_at 2026-04-07T12:55:00Z
9
value 0.02256
scoring_system epss
scoring_elements 0.84585
published_at 2026-04-08T12:55:00Z
10
value 0.02256
scoring_system epss
scoring_elements 0.84539
published_at 2026-04-02T12:55:00Z
11
value 0.02256
scoring_system epss
scoring_elements 0.8456
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24785
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moment/moment
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment
5
reference_url https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5
6
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
11
reference_url https://security.netapp.com/advisory/ntap-20220513-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220513-0006
12
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241108-0002
13
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://www.tenable.com/security/tns-2022-09
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009327
reference_id 1009327
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009327
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2072009
reference_id 2072009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2072009
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
reference_id 6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24785
reference_id CVE-2022-24785
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24785
18
reference_url https://github.com/advisories/GHSA-8hfj-j24r-96c4
reference_id GHSA-8hfj-j24r-96c4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8hfj-j24r-96c4
19
reference_url https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
reference_id GHSA-8hfj-j24r-96c4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
20
reference_url https://security.netapp.com/advisory/ntap-20220513-0006/
reference_id ntap-20220513-0006
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://security.netapp.com/advisory/ntap-20220513-0006/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
reference_id ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
22
reference_url https://access.redhat.com/errata/RHSA-2022:4918
reference_id RHSA-2022:4918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4918
23
reference_url https://access.redhat.com/errata/RHSA-2022:4919
reference_id RHSA-2022:4919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4919
24
reference_url https://access.redhat.com/errata/RHSA-2022:4922
reference_id RHSA-2022:4922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4922
25
reference_url https://access.redhat.com/errata/RHSA-2022:5006
reference_id RHSA-2022:5006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5006
26
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
27
reference_url https://access.redhat.com/errata/RHSA-2022:6272
reference_id RHSA-2022:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6272
28
reference_url https://access.redhat.com/errata/RHSA-2022:6277
reference_id RHSA-2022:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6277
29
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
30
reference_url https://access.redhat.com/errata/RHSA-2023:0076
reference_id RHSA-2023:0076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0076
31
reference_url https://access.redhat.com/errata/RHSA-2023:3642
reference_id RHSA-2023:3642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3642
32
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
33
reference_url https://usn.ubuntu.com/5559-1/
reference_id USN-5559-1
reference_type
scores
url https://usn.ubuntu.com/5559-1/
fixed_packages
aliases CVE-2022-24785, GHSA-8hfj-j24r-96c4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kexn-gjxj-uudm
3
url VCID-mm3e-4pej-byed
vulnerability_id VCID-mm3e-4pej-byed
summary 
Uncontrolled Resource Consumption in snakeyaml
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
reference_id
reference_type
scores
0
value 0.00869
scoring_system epss
scoring_elements 0.75244
published_at 2026-04-24T12:55:00Z
1
value 0.00869
scoring_system epss
scoring_elements 0.75173
published_at 2026-04-13T12:55:00Z
2
value 0.00869
scoring_system epss
scoring_elements 0.75206
published_at 2026-04-21T12:55:00Z
3
value 0.00869
scoring_system epss
scoring_elements 0.75216
published_at 2026-04-18T12:55:00Z
4
value 0.00869
scoring_system epss
scoring_elements 0.7521
published_at 2026-04-16T12:55:00Z
5
value 0.00869
scoring_system epss
scoring_elements 0.75207
published_at 2026-04-11T12:55:00Z
6
value 0.00869
scoring_system epss
scoring_elements 0.75132
published_at 2026-04-02T12:55:00Z
7
value 0.00869
scoring_system epss
scoring_elements 0.75162
published_at 2026-04-04T12:55:00Z
8
value 0.00869
scoring_system epss
scoring_elements 0.75139
published_at 2026-04-07T12:55:00Z
9
value 0.00869
scoring_system epss
scoring_elements 0.75185
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/jruby/jruby/issues/7342
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://github.com/jruby/jruby/issues/7342
7
reference_url https://github.com/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml
8
reference_url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
9
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
11
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
12
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
reference_id 1019218
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
reference_id 2126789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
15
reference_url https://github.com/advisories/GHSA-3mc7-4q67-w48m
reference_id GHSA-3mc7-4q67-w48m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3mc7-4q67-w48m
16
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
17
reference_url https://access.redhat.com/errata/RHSA-2022:6820
reference_id RHSA-2022:6820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6820
18
reference_url https://access.redhat.com/errata/RHSA-2022:6821
reference_id RHSA-2022:6821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6821
19
reference_url https://access.redhat.com/errata/RHSA-2022:6822
reference_id RHSA-2022:6822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6822
20
reference_url https://access.redhat.com/errata/RHSA-2022:6823
reference_id RHSA-2022:6823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6823
21
reference_url https://access.redhat.com/errata/RHSA-2022:6825
reference_id RHSA-2022:6825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6825
22
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
23
reference_url https://access.redhat.com/errata/RHSA-2022:6941
reference_id RHSA-2022:6941
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6941
24
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
25
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
26
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
27
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
28
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
29
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
30
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
31
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
32
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
33
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
34
reference_url https://access.redhat.com/errata/RHSA-2023:6172
reference_id RHSA-2023:6172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6172
35
reference_url https://access.redhat.com/errata/RHSA-2023:6179
reference_id RHSA-2023:6179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6179
36
reference_url https://access.redhat.com/errata/RHSA-2023:7288
reference_id RHSA-2023:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7288
37
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
38
reference_url https://access.redhat.com/errata/RHSA-2024:0776
reference_id RHSA-2024:0776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0776
39
reference_url https://access.redhat.com/errata/RHSA-2024:0777
reference_id RHSA-2024:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0777
40
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
41
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
42
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-25857, GHSA-3mc7-4q67-w48m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mm3e-4pej-byed
4
url VCID-myp4-24sf-9yfv
vulnerability_id VCID-myp4-24sf-9yfv
summary 
Jettison memory exhaustion
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20276
published_at 2026-04-21T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20277
published_at 2026-04-18T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20272
published_at 2026-04-16T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20284
published_at 2026-04-13T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20343
published_at 2026-04-12T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20388
published_at 2026-04-11T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20358
published_at 2026-04-09T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20299
published_at 2026-04-08T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20219
published_at 2026-04-07T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20493
published_at 2026-04-04T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.2043
published_at 2026-04-02T12:55:00Z
11
value 0.00069
scoring_system epss
scoring_elements 0.21086
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
9
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://github.com/jettison-json/jettison/issues/45
10
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
reference_id 1022553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
reference_id 2135770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
15
reference_url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
reference_id GHSA-x27m-9w8j-5vcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
16
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
17
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
18
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
19
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
20
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
21
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
22
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
23
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
24
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
25
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
26
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
aliases CVE-2022-40150, GHSA-x27m-9w8j-5vcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myp4-24sf-9yfv
5
url VCID-nfjb-tkzv-fudg
vulnerability_id VCID-nfjb-tkzv-fudg
summary The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25647.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25647.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25647
reference_id
reference_type
scores
0
value 0.02798
scoring_system epss
scoring_elements 0.86124
published_at 2026-04-16T12:55:00Z
1
value 0.02798
scoring_system epss
scoring_elements 0.86142
published_at 2026-04-24T12:55:00Z
2
value 0.02798
scoring_system epss
scoring_elements 0.86122
published_at 2026-04-21T12:55:00Z
3
value 0.02798
scoring_system epss
scoring_elements 0.86129
published_at 2026-04-18T12:55:00Z
4
value 0.02798
scoring_system epss
scoring_elements 0.86053
published_at 2026-04-02T12:55:00Z
5
value 0.02798
scoring_system epss
scoring_elements 0.8607
published_at 2026-04-04T12:55:00Z
6
value 0.02798
scoring_system epss
scoring_elements 0.86069
published_at 2026-04-07T12:55:00Z
7
value 0.02798
scoring_system epss
scoring_elements 0.86089
published_at 2026-04-08T12:55:00Z
8
value 0.02798
scoring_system epss
scoring_elements 0.86099
published_at 2026-04-09T12:55:00Z
9
value 0.02798
scoring_system epss
scoring_elements 0.86114
published_at 2026-04-11T12:55:00Z
10
value 0.02798
scoring_system epss
scoring_elements 0.86111
published_at 2026-04-12T12:55:00Z
11
value 0.02798
scoring_system epss
scoring_elements 0.86106
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25647
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25647
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25647
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/google/gson
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/google/gson
5
reference_url https://github.com/google/gson/pull/1991
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/google/gson/pull/1991
6
reference_url https://github.com/google/gson/pull/1991/commits
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/google/gson/pull/1991/commits
7
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00015.html
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/05/msg00015.html
8
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00009.html
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20220901-0009
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220901-0009
10
reference_url https://security.netapp.com/advisory/ntap-20220901-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220901-0009/
11
reference_url https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
12
reference_url https://www.debian.org/security/2022/dsa-5227
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5227
13
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010670
reference_id 1010670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010670
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2080850
reference_id 2080850
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2080850
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25647
reference_id CVE-2022-25647
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25647
17
reference_url https://github.com/advisories/GHSA-4jrv-ppp4-jm57
reference_id GHSA-4jrv-ppp4-jm57
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4jrv-ppp4-jm57
18
reference_url https://access.redhat.com/errata/RHSA-2022:4985
reference_id RHSA-2022:4985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4985
19
reference_url https://access.redhat.com/errata/RHSA-2022:5029
reference_id RHSA-2022:5029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5029
20
reference_url https://access.redhat.com/errata/RHSA-2022:5892
reference_id RHSA-2022:5892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5892
21
reference_url https://access.redhat.com/errata/RHSA-2022:5893
reference_id RHSA-2022:5893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5893
22
reference_url https://access.redhat.com/errata/RHSA-2022:5894
reference_id RHSA-2022:5894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5894
23
reference_url https://access.redhat.com/errata/RHSA-2022:5903
reference_id RHSA-2022:5903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5903
24
reference_url https://access.redhat.com/errata/RHSA-2022:5928
reference_id RHSA-2022:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5928
25
reference_url https://access.redhat.com/errata/RHSA-2022:6819
reference_id RHSA-2022:6819
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6819
26
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
27
reference_url https://access.redhat.com/errata/RHSA-2023:3299
reference_id RHSA-2023:3299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3299
28
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
29
reference_url https://usn.ubuntu.com/6692-1/
reference_id USN-6692-1
reference_type
scores
url https://usn.ubuntu.com/6692-1/
fixed_packages
aliases CVE-2022-25647, GHSA-4jrv-ppp4-jm57
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfjb-tkzv-fudg
6
url VCID-sqx4-euc2-myew
vulnerability_id VCID-sqx4-euc2-myew
summary 
Jettison parser crash by stackoverflow
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.68015
published_at 2026-04-24T12:55:00Z
1
value 0.0055
scoring_system epss
scoring_elements 0.67972
published_at 2026-04-21T12:55:00Z
2
value 0.0055
scoring_system epss
scoring_elements 0.6799
published_at 2026-04-18T12:55:00Z
3
value 0.0055
scoring_system epss
scoring_elements 0.67901
published_at 2026-04-02T12:55:00Z
4
value 0.0055
scoring_system epss
scoring_elements 0.6795
published_at 2026-04-08T12:55:00Z
5
value 0.0055
scoring_system epss
scoring_elements 0.67899
published_at 2026-04-07T12:55:00Z
6
value 0.0055
scoring_system epss
scoring_elements 0.6792
published_at 2026-04-04T12:55:00Z
7
value 0.0055
scoring_system epss
scoring_elements 0.67977
published_at 2026-04-16T12:55:00Z
8
value 0.0055
scoring_system epss
scoring_elements 0.67939
published_at 2026-04-13T12:55:00Z
9
value 0.0055
scoring_system epss
scoring_elements 0.67974
published_at 2026-04-12T12:55:00Z
10
value 0.0055
scoring_system epss
scoring_elements 0.67988
published_at 2026-04-11T12:55:00Z
11
value 0.0055
scoring_system epss
scoring_elements 0.67964
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://github.com/jettison-json/jettison/issues/45
9
reference_url https://github.com/jettison-json/jettison/pull/49/files
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/pull/49/files
10
reference_url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
11
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
reference_id 1022554
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
reference_id 2135771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
reference_id CVE-2022-40149
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
16
reference_url https://github.com/advisories/GHSA-56h3-78gp-v83r
reference_id GHSA-56h3-78gp-v83r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-56h3-78gp-v83r
17
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
18
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
19
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
20
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
21
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
22
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
23
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
24
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
25
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
26
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
27
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
aliases CVE-2022-40149, GHSA-56h3-78gp-v83r
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqx4-euc2-myew
7
url VCID-zy5r-wxv8-g3e8
vulnerability_id VCID-zy5r-wxv8-g3e8
summary 
Uncontrolled Resource Consumption
In Apache ActiveMQ Artemis, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23913
reference_id
reference_type
scores
0
value 0.02409
scoring_system epss
scoring_elements 0.85133
published_at 2026-04-24T12:55:00Z
1
value 0.02409
scoring_system epss
scoring_elements 0.85112
published_at 2026-04-18T12:55:00Z
2
value 0.02409
scoring_system epss
scoring_elements 0.8511
published_at 2026-04-21T12:55:00Z
3
value 0.02409
scoring_system epss
scoring_elements 0.85088
published_at 2026-04-13T12:55:00Z
4
value 0.02409
scoring_system epss
scoring_elements 0.85092
published_at 2026-04-12T12:55:00Z
5
value 0.02409
scoring_system epss
scoring_elements 0.85094
published_at 2026-04-11T12:55:00Z
6
value 0.02409
scoring_system epss
scoring_elements 0.85078
published_at 2026-04-09T12:55:00Z
7
value 0.02409
scoring_system epss
scoring_elements 0.8507
published_at 2026-04-08T12:55:00Z
8
value 0.02409
scoring_system epss
scoring_elements 0.85048
published_at 2026-04-07T12:55:00Z
9
value 0.02409
scoring_system epss
scoring_elements 0.85044
published_at 2026-04-04T12:55:00Z
10
value 0.02409
scoring_system epss
scoring_elements 0.85027
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23913
2
reference_url https://github.com/apache/activemq-artemis
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis
3
reference_url https://github.com/apache/activemq-artemis/pull/3862
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis/pull/3862
4
reference_url https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7
5
reference_url https://github.com/apache/activemq-artemis/pull/3871
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis/pull/3871
6
reference_url https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82
7
reference_url https://github.com/github/codeql-java-CVE-coverage/issues/1061
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/codeql-java-CVE-coverage/issues/1061
8
reference_url https://issues.apache.org/jira/browse/ARTEMIS-3593
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/ARTEMIS-3593
9
reference_url https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
10
reference_url https://security.netapp.com/advisory/ntap-20220303-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220303-0003
11
reference_url https://security.netapp.com/advisory/ntap-20220303-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220303-0003/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2063601
reference_id 2063601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2063601
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23913
reference_id CVE-2022-23913
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23913
14
reference_url https://github.com/advisories/GHSA-pr38-qpxm-g88x
reference_id GHSA-pr38-qpxm-g88x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pr38-qpxm-g88x
15
reference_url https://access.redhat.com/errata/RHSA-2022:4918
reference_id RHSA-2022:4918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4918
16
reference_url https://access.redhat.com/errata/RHSA-2022:4919
reference_id RHSA-2022:4919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4919
17
reference_url https://access.redhat.com/errata/RHSA-2022:4922
reference_id RHSA-2022:4922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4922
18
reference_url https://access.redhat.com/errata/RHSA-2022:5101
reference_id RHSA-2022:5101
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5101
19
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
20
reference_url https://access.redhat.com/errata/RHSA-2022:7409
reference_id RHSA-2022:7409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7409
21
reference_url https://access.redhat.com/errata/RHSA-2022:7410
reference_id RHSA-2022:7410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7410
22
reference_url https://access.redhat.com/errata/RHSA-2022:7411
reference_id RHSA-2022:7411
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7411
23
reference_url https://access.redhat.com/errata/RHSA-2022:7417
reference_id RHSA-2022:7417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7417
24
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
fixed_packages
aliases CVE-2022-23913, GHSA-pr38-qpxm-g88x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zy5r-wxv8-g3e8
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.18-1.Final_redhat_00001.1%3Farch=el7eap