Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8j88-zqx2-53hr

Summary

Uncontrolled Resource Consumption
A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.

Aliases

alias	CVE-2021-30468

alias	GHSA-g23v-p5jq-jvh4

Fixed_packages

url	pkg:maven/org.apache.cxf/apache-cxf@3.3.11
purl	pkg:maven/org.apache.cxf/apache-cxf@3.3.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/apache-cxf@3.3.11

url	pkg:maven/org.apache.cxf/apache-cxf@3.4.4
purl	pkg:maven/org.apache.cxf/apache-cxf@3.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/apache-cxf@3.4.4

url pkg:maven/org.apache.cxf/cxf@3.3.11

purl pkg:maven/org.apache.cxf/cxf@3.3.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.3.11

url pkg:maven/org.apache.cxf/cxf@3.4.4

purl pkg:maven/org.apache.cxf/cxf@3.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46y3-rx34-pyc6

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.4

url	pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.11
purl	pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.11

url	pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.4
purl	pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.4

Affected_packages

url pkg:maven/org.apache.cxf/apache-cxf@3.4.0

purl pkg:maven/org.apache.cxf/apache-cxf@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-x3q1-vymh-jkew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/apache-cxf@3.4.0

url pkg:maven/org.apache.cxf/cxf@3.4.0

purl pkg:maven/org.apache.cxf/cxf@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

vulnerability	VCID-darq-bg13-x3fd

vulnerability	VCID-x3q1-vymh-jkew

vulnerability	VCID-xzs8-rbhd-mkbp

vulnerability	VCID-y8up-mkx2-abcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.4.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.11

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.11

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.12

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.12

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.13

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.13

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.14

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.14

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.15

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.15

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.16

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.0.16

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.11

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.11

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.12

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.12

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.13

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.13

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.14

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.14

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.15

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.15

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.16

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.16

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.17

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.17

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.18

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.1.18

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.3

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.11

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.11

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.12

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.12

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.13

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.13

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.14

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.2.14

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.3

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.4

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.4

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.5

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.5

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.6

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.6

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.7

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.7

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.8

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.8

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.9

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.9

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.10

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.3.10

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.0

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.0

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.1

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.1

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.2

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.2

url pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.3

purl pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8j88-zqx2-53hr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.4.3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30468.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-30468

reference_id

reference_type

scores

value	0.01898
scoring_system	epss
scoring_elements	0.83224
published_at	2026-04-13T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83228
published_at	2026-04-12T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83234
published_at	2026-04-11T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83158
published_at	2026-04-01T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83175
published_at	2026-04-02T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83188
published_at	2026-04-04T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83187
published_at	2026-04-07T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83218
published_at	2026-04-09T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83211
published_at	2026-04-08T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83262
published_at	2026-04-18T12:55:00Z

value	0.01898
scoring_system	epss
scoring_elements	0.83261
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-30468

reference_url

https://lists.apache.org/thread.html/r3f46ae38e4a6e80c069cdb320e0ce831b0a21a12ef0cc92c0943f34a@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3f46ae38e4a6e80c069cdb320e0ce831b0a21a12ef0cc92c0943f34a@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4771084730c4cf6e59eda60b4407122c86f174eb750b24f610ba9ff4@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4771084730c4cf6e59eda60b4407122c86f174eb750b24f610ba9ff4@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cdev.cxf.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cdev.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cusers.cxf.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459@%3Cusers.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r54c0f1cbbb9f381dfbedb9ea5e90ecb1c0a15371f40c4b10322ac737@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r54c0f1cbbb9f381dfbedb9ea5e90ecb1c0a15371f40c4b10322ac737@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra833f78b3fa577cb43558cf343859a1bf70b1c5ce2353b3877d96422@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra833f78b3fa577cb43558cf343859a1bf70b1c5ce2353b3877d96422@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rac07822057521dccf33ab5d136e0e8c599a6e2c8ac75e44ffbdc6e07@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rac07822057521dccf33ab5d136e0e8c599a6e2c8ac75e44ffbdc6e07@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re5b2a2b77faa22684d47bd2ac6623135c615565328ff40a1ec705448@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re5b2a2b77faa22684d47bd2ac6623135c615565328ff40a1ec705448@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re9e05c6cab5f0dcc827eba4e6fcf26fa0b493e7ca84d62c867a80d03@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re9e05c6cab5f0dcc827eba4e6fcf26fa0b493e7ca84d62c867a80d03@%3Ccommits.tomee.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20210917-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210917-0002

reference_url	https://security.netapp.com/advisory/ntap-20210917-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210917-0002/

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

http://www.openwall.com/lists/oss-security/2021/06/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/06/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1973392
reference_id	1973392
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1973392

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-30468

reference_id

CVE-2021-30468

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-30468

reference_url

http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc

reference_id

CVE-2021-30468.TXT.ASC

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc

reference_url

https://github.com/advisories/GHSA-g23v-p5jq-jvh4

reference_id

GHSA-g23v-p5jq-jvh4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g23v-p5jq-jvh4

reference_url	https://access.redhat.com/errata/RHSA-2021:3205
reference_id	RHSA-2021:3205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3205

reference_url	https://access.redhat.com/errata/RHSA-2021:5134
reference_id	RHSA-2021:5134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5134

reference_url	https://access.redhat.com/errata/RHSA-2022:7273
reference_id	RHSA-2022:7273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7273

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	400
name	Uncontrolled Resource Consumption
description	The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	835
name	Loop with Unreachable Exit Condition ('Infinite Loop')
description	The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8j88-zqx2-53hr

Vulnerability Instance