Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-83wv-cnn4-a7he

Summary JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

Aliases

alias	CVE-2018-12547

Fixed_packages

Affected_packages

url pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1?arch=el6_10

purl pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1?arch=el6_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2eke-m7j3-1qc5

vulnerability	VCID-7g71-5e73-wbdm

vulnerability	VCID-83wv-cnn4-a7he

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1%3Farch=el6_10

url pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1?arch=el7

purl pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2eke-m7j3-1qc5

vulnerability	VCID-7g71-5e73-wbdm

vulnerability	VCID-83wv-cnn4-a7he

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.40-1jpp.1%3Farch=el7

url pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1?arch=el6_10

purl pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1?arch=el6_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2eke-m7j3-1qc5

vulnerability	VCID-73ad-ngrz-6uee

vulnerability	VCID-7g71-5e73-wbdm

vulnerability	VCID-83wv-cnn4-a7he

vulnerability	VCID-n54z-r9zz-tkee

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1%3Farch=el6_10

url pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1?arch=el7

purl pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2eke-m7j3-1qc5

vulnerability	VCID-73ad-ngrz-6uee

vulnerability	VCID-7g71-5e73-wbdm

vulnerability	VCID-83wv-cnn4-a7he

vulnerability	VCID-n54z-r9zz-tkee

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.30-1jpp.1%3Farch=el7

url pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.35-3?arch=el8_0

purl pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.35-3?arch=el8_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2eke-m7j3-1qc5

vulnerability	VCID-6mq4-munv-sffc

vulnerability	VCID-73ad-ngrz-6uee

vulnerability	VCID-7g71-5e73-wbdm

vulnerability	VCID-83wv-cnn4-a7he

vulnerability	VCID-k87f-hwsu-pycr

vulnerability	VCID-kptw-3u1d-3ugk

vulnerability	VCID-msra-64g9-huah

vulnerability	VCID-n54z-r9zz-tkee

vulnerability	VCID-s36j-5xfr-8qhk

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.5.35-3%3Farch=el8_0

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12547.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12547.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12547

reference_id

reference_type

scores

value	0.00782
scoring_system	epss
scoring_elements	0.73671
published_at	2026-04-01T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73769
published_at	2026-04-18T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73727
published_at	2026-04-12T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73719
published_at	2026-04-13T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73761
published_at	2026-04-21T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.7368
published_at	2026-04-02T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73703
published_at	2026-04-04T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73676
published_at	2026-04-07T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73711
published_at	2026-04-08T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73724
published_at	2026-04-09T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73745
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12547

reference_url	https://bugs.eclipse.org/bugs/show_bug.cgi?id=543659
reference_id
reference_type
scores
url	https://bugs.eclipse.org/bugs/show_bug.cgi?id=543659

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1685611
reference_id	1685611
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1685611

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:openj9::::::::
reference_id	cpe:2.3:a:eclipse:openj9::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:openj9::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*
reference_id	cpe:2.3:a:redhat:satellite:5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12547

reference_id

CVE-2018-12547

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12547

reference_url	https://access.redhat.com/errata/RHSA-2019:0469
reference_id	RHSA-2019:0469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0469

reference_url	https://access.redhat.com/errata/RHSA-2019:0472
reference_id	RHSA-2019:0472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0472

reference_url	https://access.redhat.com/errata/RHSA-2019:0473
reference_id	RHSA-2019:0473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0473

reference_url	https://access.redhat.com/errata/RHSA-2019:0474
reference_id	RHSA-2019:0474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0474

reference_url	https://access.redhat.com/errata/RHSA-2019:0640
reference_id	RHSA-2019:0640
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0640

reference_url	https://access.redhat.com/errata/RHSA-2019:1238
reference_id	RHSA-2019:1238
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1238

Weaknesses

cwe_id	120
name	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
description	The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 7.5 - 9.8

Exploitability 0.5

Weighted_severity 8.8

Risk_score 4.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83wv-cnn4-a7he

Vulnerability Instance