Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-anq8-9qpp-wuf5
SummaryVulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Aliases
0
alias CVE-2018-3157
Fixed_packages
0
url pkg:deb/debian/openjdk-11@11.0.1%2B13-1?distro=sid
purl pkg:deb/debian/openjdk-11@11.0.1%2B13-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.1%252B13-1%3Fdistro=sid
1
url pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid
purl pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid
2
url pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid
purl pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid
3
url pkg:deb/debian/openjdk-11@11.0.32~3ea-1?distro=sid
purl pkg:deb/debian/openjdk-11@11.0.32~3ea-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.32~3ea-1%3Fdistro=sid
4
url pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.202
purl pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.202
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.202
5
url pkg:ebuild/dev-java/oracle-jre-bin@1.8.0.202
purl pkg:ebuild/dev-java/oracle-jre-bin@1.8.0.202
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dmq-7kkk-9ffr
1
vulnerability VCID-1ktz-k2r1-vka2
2
vulnerability VCID-2gtp-m43g-zqez
3
vulnerability VCID-3t92-bzzd-b3f8
4
vulnerability VCID-52ek-r9cb-6kd7
5
vulnerability VCID-5v9z-v7yf-bbef
6
vulnerability VCID-6qq5-5j5w-v3e5
7
vulnerability VCID-86r8-k7yd-mua5
8
vulnerability VCID-8cga-w5ms-mufw
9
vulnerability VCID-9h9j-2kzq-k3fv
10
vulnerability VCID-9z9j-fn2b-qkgn
11
vulnerability VCID-a2vb-fgag-43ht
12
vulnerability VCID-cvcj-7utn-fybb
13
vulnerability VCID-e173-kqas-cqcz
14
vulnerability VCID-fqga-u2mm-1ydn
15
vulnerability VCID-gyt8-tngh-fufb
16
vulnerability VCID-ra3y-ftm6-zqhe
17
vulnerability VCID-spbd-ep4q-t3cr
18
vulnerability VCID-vzbq-5pmc-mkbu
19
vulnerability VCID-y69k-6jjd-h3bk
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jre-bin@1.8.0.202
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3157.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3157.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3157
reference_id
reference_type
scores
0
value 0.0076
scoring_system epss
scoring_elements 0.73708
published_at 2026-06-04T12:55:00Z
1
value 0.0076
scoring_system epss
scoring_elements 0.7372
published_at 2026-06-08T12:55:00Z
2
value 0.0076
scoring_system epss
scoring_elements 0.73745
published_at 2026-06-05T12:55:00Z
3
value 0.0076
scoring_system epss
scoring_elements 0.73748
published_at 2026-06-06T12:55:00Z
4
value 0.0076
scoring_system epss
scoring_elements 0.73734
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3157
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3157
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3157
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1041889
reference_id 1041889
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:07:49Z/
url http://www.securitytracker.com/id/1041889
5
reference_url http://www.securityfocus.com/bid/105595
reference_id 105595
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:07:49Z/
url http://www.securityfocus.com/bid/105595
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1642328
reference_id 1642328
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1642328
7
reference_url https://security.gentoo.org/glsa/201908-10
reference_id GLSA-201908-10
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:07:49Z/
url https://security.gentoo.org/glsa/201908-10
8
reference_url https://security.netapp.com/advisory/ntap-20181018-0001/
reference_id ntap-20181018-0001
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T18:07:49Z/
url https://security.netapp.com/advisory/ntap-20181018-0001/
Weaknesses
0
cwe_id 665
name Improper Initialization
description The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
Exploits
Severity_range_score3.7 - 3.7
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-anq8-9qpp-wuf5