Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-nnhm-vcmu-gkd7
Summary
Denial of service in Apache Xerces2
Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.
Aliases
0
alias CVE-2012-0881
1
alias GHSA-vmqm-g3vh-847m
Fixed_packages
0
url pkg:maven/xerces/xercesImpl@2.12.0
purl pkg:maven/xerces/xercesImpl@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-c2s2-wsy6-sufn
1
vulnerability VCID-c3c2-b2bc-6bdh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.12.0
Affected_packages
0
url pkg:maven/xerces/xercesImpl@2.0.0
purl pkg:maven/xerces/xercesImpl@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
5
vulnerability VCID-qfw9-f3rm-kfah
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.0.0
1
url pkg:maven/xerces/xercesImpl@2.0.2
purl pkg:maven/xerces/xercesImpl@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
5
vulnerability VCID-qfw9-f3rm-kfah
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.0.2
2
url pkg:maven/xerces/xercesImpl@2.2.1
purl pkg:maven/xerces/xercesImpl@2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
5
vulnerability VCID-qfw9-f3rm-kfah
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.2.1
3
url pkg:maven/xerces/xercesImpl@2.3.0
purl pkg:maven/xerces/xercesImpl@2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
5
vulnerability VCID-qfw9-f3rm-kfah
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.3.0
4
url pkg:maven/xerces/xercesImpl@2.4.0
purl pkg:maven/xerces/xercesImpl@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.4.0
5
url pkg:maven/xerces/xercesImpl@2.5.0
purl pkg:maven/xerces/xercesImpl@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.5.0
6
url pkg:maven/xerces/xercesImpl@2.6.0
purl pkg:maven/xerces/xercesImpl@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.6.0
7
url pkg:maven/xerces/xercesImpl@2.6.1
purl pkg:maven/xerces/xercesImpl@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.6.1
8
url pkg:maven/xerces/xercesImpl@2.6.2
purl pkg:maven/xerces/xercesImpl@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.6.2
9
url pkg:maven/xerces/xercesImpl@2.6.2-jaxb-1.0.6
purl pkg:maven/xerces/xercesImpl@2.6.2-jaxb-1.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.6.2-jaxb-1.0.6
10
url pkg:maven/xerces/xercesImpl@2.7.1
purl pkg:maven/xerces/xercesImpl@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.7.1
11
url pkg:maven/xerces/xercesImpl@2.8.0
purl pkg:maven/xerces/xercesImpl@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.8.0
12
url pkg:maven/xerces/xercesImpl@2.8.1
purl pkg:maven/xerces/xercesImpl@2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.8.1
13
url pkg:maven/xerces/xercesImpl@2.9.0
purl pkg:maven/xerces/xercesImpl@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.9.0
14
url pkg:maven/xerces/xercesImpl@2.9.1
purl pkg:maven/xerces/xercesImpl@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gpd-vwgb-67cn
1
vulnerability VCID-a6wc-3mp6-63ek
2
vulnerability VCID-c2s2-wsy6-sufn
3
vulnerability VCID-c3c2-b2bc-6bdh
4
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.9.1
15
url pkg:maven/xerces/xercesImpl@2.10.0
purl pkg:maven/xerces/xercesImpl@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6wc-3mp6-63ek
1
vulnerability VCID-c2s2-wsy6-sufn
2
vulnerability VCID-c3c2-b2bc-6bdh
3
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.10.0
16
url pkg:maven/xerces/xercesImpl@2.11.0
purl pkg:maven/xerces/xercesImpl@2.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a6wc-3mp6-63ek
1
vulnerability VCID-c2s2-wsy6-sufn
2
vulnerability VCID-c3c2-b2bc-6bdh
3
vulnerability VCID-nnhm-vcmu-gkd7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xerces/xercesImpl@2.11.0
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0881.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0881.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0881
reference_id
reference_type
scores
0
value 0.02102
scoring_system epss
scoring_elements 0.84028
published_at 2026-04-04T12:55:00Z
1
value 0.02102
scoring_system epss
scoring_elements 0.84088
published_at 2026-04-16T12:55:00Z
2
value 0.02102
scoring_system epss
scoring_elements 0.84065
published_at 2026-04-13T12:55:00Z
3
value 0.02102
scoring_system epss
scoring_elements 0.8407
published_at 2026-04-12T12:55:00Z
4
value 0.02102
scoring_system epss
scoring_elements 0.84077
published_at 2026-04-11T12:55:00Z
5
value 0.02102
scoring_system epss
scoring_elements 0.8406
published_at 2026-04-09T12:55:00Z
6
value 0.02102
scoring_system epss
scoring_elements 0.84011
published_at 2026-04-02T12:55:00Z
7
value 0.02102
scoring_system epss
scoring_elements 0.83997
published_at 2026-04-01T12:55:00Z
8
value 0.02102
scoring_system epss
scoring_elements 0.84054
published_at 2026-04-08T12:55:00Z
9
value 0.02102
scoring_system epss
scoring_elements 0.8403
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0881
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=787104
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=787104
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881
4
reference_url https://github.com/apache/xerces2-j/commit/992b5d9c24102ad20330d36c0a71162753a37449
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/xerces2-j/commit/992b5d9c24102ad20330d36c0a71162753a37449
5
reference_url https://issues.apache.org/jira/browse/XERCESJ-1685
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/XERCESJ-1685
6
reference_url https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56@%3Ccommon-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56@%3Ccommon-issues.hadoop.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56%40%3Ccommon-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56%40%3Ccommon-issues.hadoop.apache.org%3E
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-0881
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-0881
21
reference_url https://www.openwall.com/lists/oss-security/2014/07/08/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2014/07/08/11
22
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
23
reference_url http://www.openwall.com/lists/oss-security/2014/07/08/11
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/07/08/11
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*
25
reference_url https://github.com/advisories/GHSA-vmqm-g3vh-847m
reference_id GHSA-vmqm-g3vh-847m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vmqm-g3vh-847m
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 407
name Inefficient Algorithmic Complexity
description An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
3
cwe_id 399
name Resource Management Errors
description Weaknesses in this category are related to improper management of system resources.
4
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-nnhm-vcmu-gkd7