{"url":"http://public2.vulnerablecode.io/api/packages/102961?format=json","purl":"pkg:rpm/redhat/postgresql-jdbc@8.4.704-4?arch=el6_10","type":"rpm","namespace":"redhat","name":"postgresql-jdbc","version":"8.4.704-4","qualifiers":{"arch":"el6_10"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12798?format=json","vulnerability_id":"VCID-vdtn-ek54-nqh6","summary":"Improper Restriction of XML External Entity Reference\nPostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13692.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13692","reference_id":"","reference_type":"","scores":[{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.92001","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91992","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91994","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91975","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91978","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91979","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91976","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91971","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91952","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91988","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07801","scoring_system":"epss","scoring_elements":"0.91991","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13692"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65"},{"reference_url":"https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.13","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.13"},{"reference_url":"https://lists.apache.org/thread.html/r00bcc6b2da972e0d6332a4ebc7807e17305d8b8e7fb2ae63d2a3cbfb@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r00bcc6b2da972e0d6332a4ebc7807e17305d8b8e7fb2ae63d2a3cbfb@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r01ae1b3d981cf2e563e9b5b0a6ea54fb3cac8e9a0512ee5269e3420e@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r01ae1b3d981cf2e563e9b5b0a6ea54fb3cac8e9a0512ee5269e3420e@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0478a1aa9ae0dbd79d8f7b38d0d93fa933ac232e2b430b6f31a103c0@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0478a1aa9ae0dbd79d8f7b38d0d93fa933ac232e2b430b6f31a103c0@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1aae77706aab7d89b4fe19be468fc3c73e9cc84ff79cc2c3bd07c05a@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1aae77706aab7d89b4fe19be468fc3c73e9cc84ff79cc2c3bd07c05a@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4bdea189c9991aae7a929d28f575ec46e49ed3d68fa5235825f38a4f@%3Cnotifications.netbeans.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4bdea189c9991aae7a929d28f575ec46e49ed3d68fa5235825f38a4f@%3Cnotifications.netbeans.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r631f967db6260d6178740a3314a35d9421facd8212e62320275fa78e@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r631f967db6260d6178740a3314a35d9421facd8212e62320275fa78e@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7f6d019839df17646ffd0046a99146cacf40492a6c92078f65fd32e0@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7f6d019839df17646ffd0046a99146cacf40492a6c92078f65fd32e0@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb89f92aba44f524d5c270e0c44ca7aec4704691c37fe106cf73ec977@%3Cnotifications.netbeans.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb89f92aba44f524d5c270e0c44ca7aec4704691c37fe106cf73ec977@%3Cnotifications.netbeans.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfe363bf3a46d440ad57fd05c0e313025c7218364bbdc5fd8622ea7ae@%3Ccommits.camel.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rfe363bf3a46d440ad57fd05c0e313025c7218364bbdc5fd8622ea7ae@%3Ccommits.camel.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCCAPM6FSNOC272DLSNQ6YHXS3OMHGJC","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCCAPM6FSNOC272DLSNQ6YHXS3OMHGJC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCCAPM6FSNOC272DLSNQ6YHXS3OMHGJC/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCCAPM6FSNOC272DLSNQ6YHXS3OMHGJC/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200619-0005","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200619-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200619-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200619-0005/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5196","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5196"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852985","reference_id":"1852985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852985"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962828","reference_id":"962828","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962828"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13692","reference_id":"CVE-2020-13692","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13692"},{"reference_url":"https://github.com/advisories/GHSA-88cc-g835-76rp","reference_id":"GHSA-88cc-g835-76rp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88cc-g835-76rp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3005","reference_id":"RHSA-2020:3005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3176","reference_id":"RHSA-2020:3176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3209","reference_id":"RHSA-2020:3209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3248","reference_id":"RHSA-2020:3248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3283","reference_id":"RHSA-2020:3283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3284","reference_id":"RHSA-2020:3284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3285","reference_id":"RHSA-2020:3285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3286","reference_id":"RHSA-2020:3286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3675","reference_id":"RHSA-2020:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3678","reference_id":"RHSA-2020:3678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5568","reference_id":"RHSA-2020:5568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0110","reference_id":"RHSA-2021:0110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0110"},{"reference_url":"https://usn.ubuntu.com/USN-5238-1/","reference_id":"USN-USN-5238-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5238-1/"}],"fixed_packages":[],"aliases":["CVE-2020-13692","GHSA-88cc-g835-76rp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdtn-ek54-nqh6"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/postgresql-jdbc@8.4.704-4%3Farch=el6_10"}