Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/ceph@2:17.2.6-70?arch=el9cp
Typerpm
Namespaceredhat
Nameceph
Version2:17.2.6-70
Qualifiers
arch el9cp
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-ptd4-8f7f-hyg6
vulnerability_id VCID-ptd4-8f7f-hyg6
summary 
Moment.js vulnerable to Inefficient Regular Expression Complexity
### Impact

* using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs
* noticeable slowdown is observed with inputs above 10k characters
* users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks

### Patches
The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking.

### Workarounds
In general, given the proliferation of ReDoS attacks, it makes sense to limit the length of the user input to something sane, like 200 characters or less. I haven't seen legitimate cases of date-time strings longer than that, so all moment users who do pass a user-originating string to constructor are encouraged to apply such a rudimentary filter, that would help with this but also most future ReDoS vulnerabilities.

### References
There is an excellent writeup of the issue here: https://github.com/moment/moment/pull/6015#issuecomment-1152961973=

### Details
The issue is rooted in the code that removes legacy comments (stuff inside parenthesis) from strings during rfc2822 parsing. `moment("(".repeat(500000))` will take a few minutes to process, which is unacceptable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
reference_id
reference_type
scores
0
value 0.03435
scoring_system epss
scoring_elements 0.87496
published_at 2026-04-18T12:55:00Z
1
value 0.03435
scoring_system epss
scoring_elements 0.87433
published_at 2026-04-02T12:55:00Z
2
value 0.03435
scoring_system epss
scoring_elements 0.87487
published_at 2026-04-11T12:55:00Z
3
value 0.03435
scoring_system epss
scoring_elements 0.87475
published_at 2026-04-09T12:55:00Z
4
value 0.03435
scoring_system epss
scoring_elements 0.87448
published_at 2026-04-04T12:55:00Z
5
value 0.03435
scoring_system epss
scoring_elements 0.87449
published_at 2026-04-07T12:55:00Z
6
value 0.03435
scoring_system epss
scoring_elements 0.87469
published_at 2026-04-08T12:55:00Z
7
value 0.03435
scoring_system epss
scoring_elements 0.87494
published_at 2026-04-21T12:55:00Z
8
value 0.03435
scoring_system epss
scoring_elements 0.87479
published_at 2026-04-13T12:55:00Z
9
value 0.03435
scoring_system epss
scoring_elements 0.87482
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moment/moment
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment
5
reference_url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
6
reference_url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
7
reference_url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
8
reference_url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
9
reference_url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
10
reference_url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
11
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
12
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
22
reference_url https://security.netapp.com/advisory/ntap-20221014-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221014-0003
23
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241108-0002
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
reference_id 1014845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
reference_id 2105075
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
reference_id 6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
27
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
reference_id f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
28
reference_url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
reference_id GHSA-wc69-rhjr-hc9g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
reference_id IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
30
reference_url https://security.netapp.com/advisory/ntap-20221014-0003/
reference_id ntap-20221014-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://security.netapp.com/advisory/ntap-20221014-0003/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
reference_id ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
32
reference_url https://access.redhat.com/errata/RHSA-2022:5913
reference_id RHSA-2022:5913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5913
33
reference_url https://access.redhat.com/errata/RHSA-2022:5914
reference_id RHSA-2022:5914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5914
34
reference_url https://access.redhat.com/errata/RHSA-2022:5915
reference_id RHSA-2022:5915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5915
35
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
36
reference_url https://access.redhat.com/errata/RHSA-2022:6271
reference_id RHSA-2022:6271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6271
37
reference_url https://access.redhat.com/errata/RHSA-2022:6272
reference_id RHSA-2022:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6272
38
reference_url https://access.redhat.com/errata/RHSA-2022:6277
reference_id RHSA-2022:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6277
39
reference_url https://access.redhat.com/errata/RHSA-2022:6392
reference_id RHSA-2022:6392
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6392
40
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
41
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
42
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
43
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
44
reference_url https://access.redhat.com/errata/RHSA-2023:3623
reference_id RHSA-2023:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3623
45
reference_url https://usn.ubuntu.com/5559-1/
reference_id USN-5559-1
reference_type
scores
url https://usn.ubuntu.com/5559-1/
46
reference_url https://usn.ubuntu.com/6550-1/
reference_id USN-6550-1
reference_type
scores
url https://usn.ubuntu.com/6550-1/
47
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
reference_id ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
fixed_packages
aliases CVE-2022-31129, GHSA-wc69-rhjr-hc9g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptd4-8f7f-hyg6
1
url VCID-zhc9-ck6c-r7es
vulnerability_id VCID-zhc9-ck6c-r7es
summary 
Angular vulnerable to Cross-site Scripting
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4231.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4231.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4231
reference_id
reference_type
scores
0
value 0.01341
scoring_system epss
scoring_elements 0.80046
published_at 2026-04-21T12:55:00Z
1
value 0.01341
scoring_system epss
scoring_elements 0.79965
published_at 2026-04-01T12:55:00Z
2
value 0.01341
scoring_system epss
scoring_elements 0.79972
published_at 2026-04-02T12:55:00Z
3
value 0.01341
scoring_system epss
scoring_elements 0.79994
published_at 2026-04-04T12:55:00Z
4
value 0.01341
scoring_system epss
scoring_elements 0.79984
published_at 2026-04-07T12:55:00Z
5
value 0.01341
scoring_system epss
scoring_elements 0.80012
published_at 2026-04-08T12:55:00Z
6
value 0.01341
scoring_system epss
scoring_elements 0.80021
published_at 2026-04-09T12:55:00Z
7
value 0.01341
scoring_system epss
scoring_elements 0.80041
published_at 2026-04-11T12:55:00Z
8
value 0.01341
scoring_system epss
scoring_elements 0.80025
published_at 2026-04-12T12:55:00Z
9
value 0.01341
scoring_system epss
scoring_elements 0.80017
published_at 2026-04-13T12:55:00Z
10
value 0.01341
scoring_system epss
scoring_elements 0.80045
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4231
2
reference_url https://github.com/angular/angular
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular
3
reference_url https://github.com/angular/angular/commit/0aa220bc0000fc4d1651ec388975bbf5baa1da36
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular/commit/0aa220bc0000fc4d1651ec388975bbf5baa1da36
4
reference_url https://github.com/angular/angular/commit/47d9b6d72dab9d60c96bc1c3604219f6385649ea
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular/commit/47d9b6d72dab9d60c96bc1c3604219f6385649ea
5
reference_url https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:14:41Z/
url https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09
6
reference_url https://github.com/angular/angular/issues/40136
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:14:41Z/
url https://github.com/angular/angular/issues/40136
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4231
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-4231
8
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:14:41Z/
url https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902
9
reference_url https://vuldb.com/?id.181356
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:14:41Z/
url https://vuldb.com/?id.181356
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2094052
reference_id 2094052
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2094052
11
reference_url https://github.com/advisories/GHSA-c75v-2vq8-878f
reference_id GHSA-c75v-2vq8-878f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c75v-2vq8-878f
12
reference_url https://access.redhat.com/errata/RHSA-2023:3623
reference_id RHSA-2023:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3623
fixed_packages
aliases CVE-2021-4231, GHSA-c75v-2vq8-878f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhc9-ck6c-r7es
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:17.2.6-70%3Farch=el9cp