Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/54191?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54191?format=api", "vulnerability_id": "VCID-d3yv-dzar-s3f6", "summary": "Uncontrolled Resource Consumption\nIf was found that the NetTest web service can be used to overload the bandwidth of a Apache OpenMeetings server.", "aliases": [ { "alias": "CVE-2021-27576" }, { "alias": "GHSA-px9f-597f-wmcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/527041?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@6.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-vbkk-qkme-uyh9" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@6.2.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60579?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-7cjy-cp47-gfdj" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55104?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-7cjy-cp47-gfdj" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/55105?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/527029?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/527030?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/527031?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/527032?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/527033?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/527034?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/527035?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/527036?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/527037?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/527038?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/527039?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0-M4" }, { "url": "http://public2.vulnerablecode.io/api/packages/527040?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/60580?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-parent@5.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3xum-p9mm-kbc3" }, { "vulnerability": "VCID-556q-4wch-sfde" }, { "vulnerability": "VCID-6fca-mmbn-k7b7" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" }, { "vulnerability": "VCID-vfk3-wtbw-kuf9" }, { "vulnerability": "VCID-vm9c-dvcd-3khf" }, { "vulnerability": "VCID-xsja-94mz-hqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-parent@5.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:maven/org.apache.openmeetings/openmeetings-server@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bpy2-2bjy-tyhp" }, { "vulnerability": "VCID-d3yv-dzar-s3f6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.openmeetings/openmeetings-server@4.0.0" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04499", "scoring_system": "epss", "scoring_elements": "0.89314", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04499", "scoring_system": "epss", "scoring_elements": "0.89334", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04499", "scoring_system": "epss", "scoring_elements": "0.89332", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27576" }, { "reference_url": "https://github.com/apache/openmeetings/commit/060a3114ad759931aeb42cd9afa9d1ebb39d3075", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/openmeetings/commit/060a3114ad759931aeb42cd9afa9d1ebb39d3075" }, { "reference_url": "https://github.com/apache/openmeetings/commit/afe26c950b127776f2dfe920abff41a584874de8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/openmeetings/commit/afe26c950b127776f2dfe920abff41a584874de8" }, { "reference_url": "https://github.com/apache/openmeetings/commit/cbdfd2f9731a8fe3daa9b4adf5da4a063fde161d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/openmeetings/commit/cbdfd2f9731a8fe3daa9b4adf5da4a063fde161d" }, { "reference_url": "https://issues.apache.org/jira/browse/OPENMEETINGS-2551", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/OPENMEETINGS-2551" }, { "reference_url": "https://lists.apache.org/thread.html/r9bb615bd70a0197368f5f3ffc887162686caeb0b5fc30592a7a871e9%40%3Cuser.openmeetings.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9bb615bd70a0197368f5f3ffc887162686caeb0b5fc30592a7a871e9%40%3Cuser.openmeetings.apache.org%3E" }, { "reference_url": "https://openmeetings.apache.org/security.html#cve-2021-27576---apache-openmeetings-bandwidth-can", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://openmeetings.apache.org/security.html#cve-2021-27576---apache-openmeetings-bandwidth-can" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27576", "reference_id": "CVE-2021-27576", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27576" }, { "reference_url": "https://github.com/advisories/GHSA-px9f-597f-wmcf", "reference_id": "GHSA-px9f-597f-wmcf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-px9f-597f-wmcf" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 400, "name": "Uncontrolled Resource Consumption", "description": "The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3yv-dzar-s3f6" }