Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-un8z-57ev-gbcj

Summary OpenJDK: segmentation fault in ciMethodBlocks

Aliases

alias	CVE-2022-40433

Fixed_packages

Affected_packages

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_6

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2%3Farch=el8_6

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_2

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2%3Farch=el8_2

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el9_0

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el9_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2%3Farch=el9_0

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_4

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2%3Farch=el8_4

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_1

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2?arch=el8_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-2%3Farch=el8_1

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-3?arch=el9

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-3?arch=el9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-3%3Farch=el9

url pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-4?arch=el8

purl pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-4?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a282-ksr4-j3cu

vulnerability	VCID-kh6a-4hzc-27bw

vulnerability	VCID-un8z-57ev-gbcj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-openjdk@1:1.8.0.392.b08-4%3Farch=el8

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40433.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40433.json

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2237709
reference_id	2237709
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2237709

reference_url	https://access.redhat.com/errata/RHSA-2023:5725
reference_id	RHSA-2023:5725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5725

reference_url	https://access.redhat.com/errata/RHSA-2023:5727
reference_id	RHSA-2023:5727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5727

reference_url	https://access.redhat.com/errata/RHSA-2023:5728
reference_id	RHSA-2023:5728
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5728

reference_url	https://access.redhat.com/errata/RHSA-2023:5729
reference_id	RHSA-2023:5729
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5729

reference_url	https://access.redhat.com/errata/RHSA-2023:5730
reference_id	RHSA-2023:5730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5730

reference_url	https://access.redhat.com/errata/RHSA-2023:5731
reference_id	RHSA-2023:5731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5731

reference_url	https://access.redhat.com/errata/RHSA-2023:5732
reference_id	RHSA-2023:5732
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5732

reference_url	https://access.redhat.com/errata/RHSA-2023:5733
reference_id	RHSA-2023:5733
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5733

reference_url	https://usn.ubuntu.com/6528-1/
reference_id	USN-6528-1
reference_type
scores
url	https://usn.ubuntu.com/6528-1/

Weaknesses

cwe_id	400
name	Uncontrolled Resource Consumption
description	The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Exploits

Severity_range_score 4.9 - 7.5

Exploitability 0.5

Weighted_severity 4.4

Risk_score 2.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-un8z-57ev-gbcj

Vulnerability Instance