Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yc3v-ejep-xydr

Summary JDK: XML4J xml entity expansion excessive memory use (XML)

Aliases

alias	CVE-2013-5372

Fixed_packages

Affected_packages

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1?arch=el6_4

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1?arch=el6_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-6dhw-uqtb-kua5

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1%3Farch=el6_4

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1?arch=el5_10

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1?arch=el5_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-6dhw-uqtb-kua5

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.16.4-1jpp.1%3Farch=el5_10

url pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17nn-wrs1-fkb6

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2jj1-ebr5-5bbj

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-4j1g-wau3-3ya5

vulnerability	VCID-5fd6-geeb-fufj

vulnerability	VCID-6q4h-4h6p-nufq

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-bkcn-7xu6-g7at

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-j3es-uvqp-byes

vulnerability	VCID-jktb-47k1-rffu

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-mmhg-araa-fkb8

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n6gc-cnsc-z7a6

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-r6a5-wtaz-8bgu

vulnerability	VCID-sk3j-q3uf-5yfp

vulnerability	VCID-te2n-je4h-j7bc

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-vf6r-a833-fbg6

vulnerability	VCID-wj8s-enzz-aka2

vulnerability	VCID-x65k-nney-23b5

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

vulnerability	VCID-zx4b-qwy1-fkf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el6_4

purl pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el6_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17nn-wrs1-fkb6

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2jj1-ebr5-5bbj

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-4j1g-wau3-3ya5

vulnerability	VCID-5fd6-geeb-fufj

vulnerability	VCID-6q4h-4h6p-nufq

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-bkcn-7xu6-g7at

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-j3es-uvqp-byes

vulnerability	VCID-jktb-47k1-rffu

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-mmhg-araa-fkb8

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n6gc-cnsc-z7a6

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-r6a5-wtaz-8bgu

vulnerability	VCID-sk3j-q3uf-5yfp

vulnerability	VCID-te2n-je4h-j7bc

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-vf6r-a833-fbg6

vulnerability	VCID-wj8s-enzz-aka2

vulnerability	VCID-x65k-nney-23b5

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

vulnerability	VCID-zx4b-qwy1-fkf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1%3Farch=el6_4

url pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el5_10

purl pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1?arch=el5_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17nn-wrs1-fkb6

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2jj1-ebr5-5bbj

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-4j1g-wau3-3ya5

vulnerability	VCID-5fd6-geeb-fufj

vulnerability	VCID-6q4h-4h6p-nufq

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-bkcn-7xu6-g7at

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-j3es-uvqp-byes

vulnerability	VCID-jktb-47k1-rffu

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-mmhg-araa-fkb8

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n6gc-cnsc-z7a6

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-r6a5-wtaz-8bgu

vulnerability	VCID-sk3j-q3uf-5yfp

vulnerability	VCID-te2n-je4h-j7bc

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-vf6r-a833-fbg6

vulnerability	VCID-wj8s-enzz-aka2

vulnerability	VCID-x65k-nney-23b5

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

vulnerability	VCID-zx4b-qwy1-fkf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-ibm@1:1.6.0.15.0-1jpp.1%3Farch=el5_10

url pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1?arch=el5_10

purl pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1?arch=el5_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17nn-wrs1-fkb6

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2jj1-ebr5-5bbj

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-393d-wgcy-dfc4

vulnerability	VCID-4j1g-wau3-3ya5

vulnerability	VCID-5fd6-geeb-fufj

vulnerability	VCID-6dhw-uqtb-kua5

vulnerability	VCID-6q4h-4h6p-nufq

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-7n2c-p6xz-97gw

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-aqtv-nbes-33aw

vulnerability	VCID-bkcn-7xu6-g7at

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-eysz-1t1f-uyd6

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-j3es-uvqp-byes

vulnerability	VCID-jktb-47k1-rffu

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-mmhg-araa-fkb8

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n6gc-cnsc-z7a6

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-r6a5-wtaz-8bgu

vulnerability	VCID-sk3j-q3uf-5yfp

vulnerability	VCID-te2n-je4h-j7bc

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-vf6r-a833-fbg6

vulnerability	VCID-wj8s-enzz-aka2

vulnerability	VCID-x65k-nney-23b5

vulnerability	VCID-x72p-yry2-bugs

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

vulnerability	VCID-zx4b-qwy1-fkf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1%3Farch=el5_10

url pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1?arch=el6_4

purl pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1?arch=el6_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17nn-wrs1-fkb6

vulnerability	VCID-2gme-zs8y-bqec

vulnerability	VCID-2jj1-ebr5-5bbj

vulnerability	VCID-2nc7-hgsm-9yd7

vulnerability	VCID-393d-wgcy-dfc4

vulnerability	VCID-4j1g-wau3-3ya5

vulnerability	VCID-5fd6-geeb-fufj

vulnerability	VCID-6dhw-uqtb-kua5

vulnerability	VCID-6q4h-4h6p-nufq

vulnerability	VCID-7bdw-8b72-5fhr

vulnerability	VCID-7n2c-p6xz-97gw

vulnerability	VCID-831v-7kmc-aucv

vulnerability	VCID-8faz-85u1-zbeq

vulnerability	VCID-98s6-fdp7-gkg6

vulnerability	VCID-aqtv-nbes-33aw

vulnerability	VCID-bkcn-7xu6-g7at

vulnerability	VCID-dzaq-rw8t-wqba

vulnerability	VCID-e62p-4szd-3ubj

vulnerability	VCID-erxc-qxay-ayhr

vulnerability	VCID-eysz-1t1f-uyd6

vulnerability	VCID-f4d5-mkub-b3e1

vulnerability	VCID-ha9m-r5c1-2ffd

vulnerability	VCID-j3es-uvqp-byes

vulnerability	VCID-jktb-47k1-rffu

vulnerability	VCID-khuw-dsag-p7ey

vulnerability	VCID-kn39-nd68-a7c8

vulnerability	VCID-m2d2-shze-ybgs

vulnerability	VCID-mmhg-araa-fkb8

vulnerability	VCID-msup-sd1d-j3b8

vulnerability	VCID-n6gc-cnsc-z7a6

vulnerability	VCID-n7ju-v5t7-h3eq

vulnerability	VCID-pbdx-8nxr-nbew

vulnerability	VCID-q5c8-hwra-zyfr

vulnerability	VCID-qmvf-8y88-gqhh

vulnerability	VCID-r3jr-7dkg-5khb

vulnerability	VCID-r6a5-wtaz-8bgu

vulnerability	VCID-sk3j-q3uf-5yfp

vulnerability	VCID-te2n-je4h-j7bc

vulnerability	VCID-twms-mj8q-pye1

vulnerability	VCID-uvbz-c5pd-a3hc

vulnerability	VCID-vf6r-a833-fbg6

vulnerability	VCID-wj8s-enzz-aka2

vulnerability	VCID-x65k-nney-23b5

vulnerability	VCID-x72p-yry2-bugs

vulnerability	VCID-yc3v-ejep-xydr

vulnerability	VCID-z63k-wes3-gqgw

vulnerability	VCID-zx4b-qwy1-fkf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-ibm@1:1.7.0.6.0-1jpp.1%3Farch=el6_4

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5372.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5372.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-5372

reference_id

reference_type

scores

value	0.01728
scoring_system	epss
scoring_elements	0.82368
published_at	2026-04-01T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82382
published_at	2026-04-02T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82399
published_at	2026-04-04T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82396
published_at	2026-04-07T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82424
published_at	2026-04-08T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82431
published_at	2026-04-09T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.8245
published_at	2026-04-11T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82446
published_at	2026-04-12T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82441
published_at	2026-04-13T12:55:00Z

value	0.01728
scoring_system	epss
scoring_elements	0.82476
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-5372

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1027825
reference_id	1027825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1027825

reference_url	https://access.redhat.com/errata/RHSA-2013:1507
reference_id	RHSA-2013:1507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1507

reference_url	https://access.redhat.com/errata/RHSA-2013:1508
reference_id	RHSA-2013:1508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1508

reference_url	https://access.redhat.com/errata/RHSA-2013:1509
reference_id	RHSA-2013:1509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1509

reference_url	https://access.redhat.com/errata/RHSA-2013:1793
reference_id	RHSA-2013:1793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1793

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yc3v-ejep-xydr

Vulnerability Instance