Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5tzs-qhg5-rbbe

Summary

Improper Input Validation
The OWASP Java HTML Sanitizer does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

Aliases

alias	CVE-2021-42575

alias	GHSA-3w73-fmf3-hg5c

Fixed_packages

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

url	pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.2
purl	pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.2

Affected_packages

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r136

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r136

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r136

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r156

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r156

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r156

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r163

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r163

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r163

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r164

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r164

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r164

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r173

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r173

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r173

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r198

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r198

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r198

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r209

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r209

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r209

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r223

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r223

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r223

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r232

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r232

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r232

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r239

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r239

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@r239

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@1.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@1.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20150501.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20150501.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20150501.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20151202.2

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20151202.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20151202.2

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160203.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160203.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160203.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160413.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160413.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160413.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160422.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160422.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160422.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160526.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160526.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160526.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160614.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160614.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160614.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160628.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160628.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160628.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160827.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160827.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160827.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160924.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160924.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20160924.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170329.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170329.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170329.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170408.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170408.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170408.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170411.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170411.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170411.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170512.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170512.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170512.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170515.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170515.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20170515.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20171016.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20171016.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20171016.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20180219.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20180219.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20180219.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20181114.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20181114.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20181114.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190325.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190325.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190325.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190503.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190503.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190503.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190610.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190610.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20190610.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20191001.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20191001.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20191001.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200615.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200615.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200615.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200713.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200713.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20200713.1

url pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

purl pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer@20211018.1

url pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso

purl pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

vulnerability	VCID-7z49-f322-n7g8

vulnerability	VCID-93ut-2de3-ckc5

vulnerability	VCID-e3vc-jpft-gye7

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-n23y-qjaf-tfcm

vulnerability	VCID-sk2v-nmmr-h7d1

vulnerability	VCID-swu5-a9h5-ffex

vulnerability	VCID-v45q-vzz5-4bgd

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-zy5r-wxv8-g3e8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-5%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

vulnerability	VCID-7z49-f322-n7g8

vulnerability	VCID-93ut-2de3-ckc5

vulnerability	VCID-e3vc-jpft-gye7

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-n23y-qjaf-tfcm

vulnerability	VCID-sk2v-nmmr-h7d1

vulnerability	VCID-swu5-a9h5-ffex

vulnerability	VCID-v45q-vzz5-4bgd

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-zy5r-wxv8-g3e8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el8sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

vulnerability	VCID-7z49-f322-n7g8

vulnerability	VCID-93ut-2de3-ckc5

vulnerability	VCID-e3vc-jpft-gye7

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-n23y-qjaf-tfcm

vulnerability	VCID-sk2v-nmmr-h7d1

vulnerability	VCID-swu5-a9h5-ffex

vulnerability	VCID-v45q-vzz5-4bgd

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-zy5r-wxv8-g3e8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tzs-qhg5-rbbe

vulnerability	VCID-7z49-f322-n7g8

vulnerability	VCID-93ut-2de3-ckc5

vulnerability	VCID-e3vc-jpft-gye7

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-n23y-qjaf-tfcm

vulnerability	VCID-sk2v-nmmr-h7d1

vulnerability	VCID-swu5-a9h5-ffex

vulnerability	VCID-v45q-vzz5-4bgd

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-zy5r-wxv8-g3e8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el7sso

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42575.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42575

reference_id

reference_type

scores

value	0.00718
scoring_system	epss
scoring_elements	0.72492
published_at	2026-04-18T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72484
published_at	2026-04-16T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72442
published_at	2026-04-13T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72452
published_at	2026-04-12T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.7247
published_at	2026-04-11T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72418
published_at	2026-04-04T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.724
published_at	2026-04-02T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72434
published_at	2026-04-08T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72395
published_at	2026-04-07T12:55:00Z

value	0.00718
scoring_system	epss
scoring_elements	0.72446
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42575

reference_url

https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50

reference_url	https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50/
reference_id
reference_type
scores
url	https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50/

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2027195
reference_id	2027195
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2027195

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-42575

reference_id

CVE-2021-42575

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-42575

reference_url

https://github.com/advisories/GHSA-3w73-fmf3-hg5c

reference_id

GHSA-3w73-fmf3-hg5c

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3w73-fmf3-hg5c

reference_url	https://access.redhat.com/errata/RHSA-2022:7409
reference_id	RHSA-2022:7409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7409

reference_url	https://access.redhat.com/errata/RHSA-2022:7410
reference_id	RHSA-2022:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7410

reference_url	https://access.redhat.com/errata/RHSA-2022:7411
reference_id	RHSA-2022:7411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7411

reference_url	https://access.redhat.com/errata/RHSA-2022:7417
reference_id	RHSA-2022:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7417

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 9.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tzs-qhg5-rbbe

Vulnerability Instance