Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
Typedeb
Namespacedebian
Namelibjettison-java
Version1.5.3-1~deb11u1
Qualifiers
distro trixie
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.5.4-1
Latest_non_vulnerable_version1.5.4-1
Affected_by_vulnerabilities
0
url VCID-3z2h-qhb2-muhn
vulnerability_id VCID-3z2h-qhb2-muhn
summary 
Jettison vulnerable to infinite recursion
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1436.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1436.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1436
reference_id
reference_type
scores
0
value 0.00122
scoring_system epss
scoring_elements 0.30732
published_at 2026-06-09T12:55:00Z
1
value 0.00122
scoring_system epss
scoring_elements 0.30742
published_at 2026-06-04T12:55:00Z
2
value 0.00122
scoring_system epss
scoring_elements 0.30814
published_at 2026-06-05T12:55:00Z
3
value 0.00122
scoring_system epss
scoring_elements 0.30781
published_at 2026-06-06T12:55:00Z
4
value 0.00122
scoring_system epss
scoring_elements 0.30747
published_at 2026-06-07T12:55:00Z
5
value 0.00122
scoring_system epss
scoring_elements 0.30715
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1436
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1436
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1436
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
5
reference_url https://github.com/jettison-json/jettison/issues/60
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/issues/60
6
reference_url https://github.com/jettison-json/jettison/pull/62
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/pull/62
7
reference_url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.4
8
reference_url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911
9
reference_url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T15:02:11Z/
url https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033846
reference_id 1033846
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033846
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2182788
reference_id 2182788
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2182788
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1436
reference_id CVE-2023-1436
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1436
13
reference_url https://github.com/advisories/GHSA-q6g2-g7f3-rr83
reference_id GHSA-q6g2-g7f3-rr83
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6g2-g7f3-rr83
14
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
15
reference_url https://access.redhat.com/errata/RHSA-2023:3622
reference_id RHSA-2023:3622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3622
16
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
17
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
18
reference_url https://access.redhat.com/errata/RHSA-2023:3667
reference_id RHSA-2023:3667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3667
19
reference_url https://access.redhat.com/errata/RHSA-2023:7670
reference_id RHSA-2023:7670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7670
20
reference_url https://access.redhat.com/errata/RHSA-2024:1027
reference_id RHSA-2024:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1027
21
reference_url https://usn.ubuntu.com/6179-1/
reference_id USN-6179-1
reference_type
scores
url https://usn.ubuntu.com/6179-1/
fixed_packages
0
url pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.4-1%3Fdistro=trixie
aliases CVE-2023-1436, GHSA-q6g2-g7f3-rr83
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3z2h-qhb2-muhn
Fixing_vulnerabilities
0
url VCID-5r6b-8ze2-ruhw
vulnerability_id VCID-5r6b-8ze2-ruhw
summary Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.68355
published_at 2026-06-09T12:55:00Z
1
value 0.0055
scoring_system epss
scoring_elements 0.68312
published_at 2026-06-04T12:55:00Z
2
value 0.0055
scoring_system epss
scoring_elements 0.68354
published_at 2026-06-07T12:55:00Z
3
value 0.0055
scoring_system epss
scoring_elements 0.68361
published_at 2026-06-06T12:55:00Z
4
value 0.0055
scoring_system epss
scoring_elements 0.68338
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40149
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46538
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://github.com/jettison-json/jettison/issues/45
9
reference_url https://github.com/jettison-json/jettison/pull/49/files
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/pull/49/files
10
reference_url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
11
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00011.html
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:38Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
reference_id 1022554
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022554
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
reference_id 2135771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135771
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
reference_id CVE-2022-40149
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40149
16
reference_url https://github.com/advisories/GHSA-56h3-78gp-v83r
reference_id GHSA-56h3-78gp-v83r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-56h3-78gp-v83r
17
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
18
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
19
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
20
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
21
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
22
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
23
reference_url https://access.redhat.com/errata/RHSA-2023:2135
reference_id RHSA-2023:2135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2135
24
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
25
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
26
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
27
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
28
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
0
url pkg:deb/debian/libjettison-java@1.5.1-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1%3Fdistro=trixie
3
url pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.4-1%3Fdistro=trixie
aliases CVE-2022-40149, GHSA-56h3-78gp-v83r
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5r6b-8ze2-ruhw
1
url VCID-d23m-jtb2-akap
vulnerability_id VCID-d23m-jtb2-akap
summary A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45685.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45685
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48424
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48486
published_at 2026-06-05T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48492
published_at 2026-06-06T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48474
published_at 2026-06-07T12:55:00Z
4
value 0.00263
scoring_system epss
scoring_elements 0.49978
published_at 2026-06-09T12:55:00Z
5
value 0.00263
scoring_system epss
scoring_elements 0.49959
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45685
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/54
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T03:12:49Z/
url https://github.com/jettison-json/jettison/issues/54
9
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T03:12:49Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45685
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45685
11
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T03:12:49Z/
url https://www.debian.org/security/2023/dsa-5312
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2214825
reference_id 2214825
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2214825
13
reference_url https://github.com/advisories/GHSA-7rf3-mqpx-h7xg
reference_id GHSA-7rf3-mqpx-h7xg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7rf3-mqpx-h7xg
14
reference_url https://access.redhat.com/errata/RHSA-2024:3708
reference_id RHSA-2024:3708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3708
15
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
0
url pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1%3Fdistro=trixie
2
url pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.4-1%3Fdistro=trixie
aliases CVE-2022-45685, GHSA-7rf3-mqpx-h7xg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d23m-jtb2-akap
2
url VCID-mev9-tsyk-2ubf
vulnerability_id VCID-mev9-tsyk-2ubf
summary Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20429
published_at 2026-06-09T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20469
published_at 2026-06-04T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20542
published_at 2026-06-05T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20529
published_at 2026-06-06T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20489
published_at 2026-06-07T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20421
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40150
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46549
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
9
reference_url https://github.com/jettison-json/jettison/issues/45
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://github.com/jettison-json/jettison/issues/45
10
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40150
12
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:36:35Z/
url https://www.debian.org/security/2023/dsa-5312
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
reference_id 1022553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022553
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
reference_id 2135770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2135770
15
reference_url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
reference_id GHSA-x27m-9w8j-5vcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x27m-9w8j-5vcw
16
reference_url https://access.redhat.com/errata/RHSA-2023:0469
reference_id RHSA-2023:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0469
17
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
18
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
19
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
20
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
21
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
22
reference_url https://access.redhat.com/errata/RHSA-2023:2135
reference_id RHSA-2023:2135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2135
23
reference_url https://access.redhat.com/errata/RHSA-2023:3223
reference_id RHSA-2023:3223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3223
24
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
25
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
26
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
27
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
0
url pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1%3Fdistro=trixie
2
url pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.4-1%3Fdistro=trixie
aliases CVE-2022-40150, GHSA-x27m-9w8j-5vcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mev9-tsyk-2ubf
3
url VCID-yywj-jh4h-qbhw
vulnerability_id VCID-yywj-jh4h-qbhw
summary Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45693.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45693
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.3507
published_at 2026-06-04T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35165
published_at 2026-06-05T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35181
published_at 2026-06-06T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35143
published_at 2026-06-07T12:55:00Z
4
value 0.00157
scoring_system epss
scoring_elements 0.36213
published_at 2026-06-09T12:55:00Z
5
value 0.00157
scoring_system epss
scoring_elements 0.36201
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40150
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45685
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45693
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/jettison-json/jettison
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jettison-json/jettison
8
reference_url https://github.com/jettison-json/jettison/issues/52
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://github.com/jettison-json/jettison/issues/52
9
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45693
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45693
11
reference_url https://www.debian.org/security/2023/dsa-5312
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T14:58:02Z/
url https://www.debian.org/security/2023/dsa-5312
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2155970
reference_id 2155970
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2155970
13
reference_url https://github.com/advisories/GHSA-grr4-wv38-f68w
reference_id GHSA-grr4-wv38-f68w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-grr4-wv38-f68w
14
reference_url https://access.redhat.com/errata/RHSA-2023:0544
reference_id RHSA-2023:0544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0544
15
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
16
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
17
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
18
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
19
reference_url https://access.redhat.com/errata/RHSA-2023:2135
reference_id RHSA-2023:2135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2135
20
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
21
reference_url https://access.redhat.com/errata/RHSA-2024:1027
reference_id RHSA-2024:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1027
22
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
23
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
24
reference_url https://usn.ubuntu.com/6177-1/
reference_id USN-6177-1
reference_type
scores
url https://usn.ubuntu.com/6177-1/
fixed_packages
0
url pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.3-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3z2h-qhb2-muhn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1%3Fdistro=trixie
2
url pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
purl pkg:deb/debian/libjettison-java@1.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.4-1%3Fdistro=trixie
aliases CVE-2022-45693, GHSA-grr4-wv38-f68w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yywj-jh4h-qbhw
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libjettison-java@1.5.3-1~deb11u1%3Fdistro=trixie