Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6?arch=el6
Typerpm
Namespaceredhat
Namejbossas-domain
Version7.5.24-2.Final_redhat_00001.1.ep6
Qualifiers
arch el6
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-4kg8-pt48-sqdw
vulnerability_id VCID-4kg8-pt48-sqdw
summary 
Deserialization of Untrusted Data
JMSAppender in Log4j is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide `TopicBindingName` and `TopicConnectionFactoryBindingName` configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j when specifically configured to use JMSAppender, which is not the default. Apache Log4j reached end of life in August Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4104.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4104.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4104
reference_id
reference_type
scores
0
value 0.72202
scoring_system epss
scoring_elements 0.98775
published_at 2026-06-06T12:55:00Z
1
value 0.72202
scoring_system epss
scoring_elements 0.98773
published_at 2026-06-09T12:55:00Z
2
value 0.72202
scoring_system epss
scoring_elements 0.98774
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4104
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
5
reference_url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
6
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033
7
reference_url https://security.gentoo.org/glsa/202209-02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://security.gentoo.org/glsa/202209-02
8
reference_url https://security.gentoo.org/glsa/202310-16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://security.gentoo.org/glsa/202310-16
9
reference_url https://security.gentoo.org/glsa/202312-02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://security.gentoo.org/glsa/202312-02
10
reference_url https://security.gentoo.org/glsa/202312-04
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://security.gentoo.org/glsa/202312-04
11
reference_url https://security.netapp.com/advisory/ntap-20211223-0007
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211223-0007
12
reference_url https://security.netapp.com/advisory/ntap-20211223-0007/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://security.netapp.com/advisory/ntap-20211223-0007/
13
reference_url https://www.cve.org/CVERecord?id=CVE-2021-44228
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://www.cve.org/CVERecord?id=CVE-2021-44228
14
reference_url https://www.kb.cert.org/vuls/id/930724
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://www.kb.cert.org/vuls/id/930724
15
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
16
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
17
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
18
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url http://www.openwall.com/lists/oss-security/2022/01/18/3
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2031667
reference_id 2031667
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2031667
20
reference_url https://access.redhat.com/security/cve/CVE-2021-4104
reference_id CVE-2021-4104
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T16:29:18Z/
url https://access.redhat.com/security/cve/CVE-2021-4104
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4104
reference_id CVE-2021-4104
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-4104
22
reference_url https://github.com/advisories/GHSA-fp5r-v3w9-4333
reference_id GHSA-fp5r-v3w9-4333
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fp5r-v3w9-4333
23
reference_url https://access.redhat.com/errata/RHSA-2021:5107
reference_id RHSA-2021:5107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5107
24
reference_url https://access.redhat.com/errata/RHSA-2021:5141
reference_id RHSA-2021:5141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5141
25
reference_url https://access.redhat.com/errata/RHSA-2021:5148
reference_id RHSA-2021:5148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5148
26
reference_url https://access.redhat.com/errata/RHSA-2021:5183
reference_id RHSA-2021:5183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5183
27
reference_url https://access.redhat.com/errata/RHSA-2021:5184
reference_id RHSA-2021:5184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5184
28
reference_url https://access.redhat.com/errata/RHSA-2021:5186
reference_id RHSA-2021:5186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5186
29
reference_url https://access.redhat.com/errata/RHSA-2021:5206
reference_id RHSA-2021:5206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5206
30
reference_url https://access.redhat.com/errata/RHSA-2021:5269
reference_id RHSA-2021:5269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5269
31
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
32
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
33
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
34
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
35
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
36
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
37
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
38
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
39
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
40
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
41
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
42
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
43
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
44
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
45
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
46
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
47
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
48
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
49
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
50
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
51
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
52
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
53
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
54
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
55
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
56
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
57
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
58
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
59
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
60
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
61
reference_url https://usn.ubuntu.com/5223-1/
reference_id USN-5223-1
reference_type
scores
url https://usn.ubuntu.com/5223-1/
62
reference_url https://usn.ubuntu.com/USN-5223-2/
reference_id USN-USN-5223-2
reference_type
scores
url https://usn.ubuntu.com/USN-5223-2/
fixed_packages
aliases CVE-2021-4104, GHSA-fp5r-v3w9-4333
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kg8-pt48-sqdw
1
url VCID-d1ur-tzx5-qkgj
vulnerability_id VCID-d1ur-tzx5-qkgj
summary 
Deserialization of Untrusted Data in Log4j 1.x
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23302.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23302
reference_id
reference_type
scores
0
value 0.00785
scoring_system epss
scoring_elements 0.74175
published_at 2026-06-09T12:55:00Z
1
value 0.00785
scoring_system epss
scoring_elements 0.74141
published_at 2026-06-04T12:55:00Z
2
value 0.00785
scoring_system epss
scoring_elements 0.74174
published_at 2026-06-05T12:55:00Z
3
value 0.00785
scoring_system epss
scoring_elements 0.74179
published_at 2026-06-06T12:55:00Z
4
value 0.00785
scoring_system epss
scoring_elements 0.74166
published_at 2026-06-07T12:55:00Z
5
value 0.00785
scoring_system epss
scoring_elements 0.74148
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j1
5
reference_url https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w
6
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url https://logging.apache.org/log4j/1.2/index.html
7
reference_url https://security.netapp.com/advisory/ntap-20220217-0006
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220217-0006
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
10
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url http://www.openwall.com/lists/oss-security/2022/01/18/3
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041949
reference_id 2041949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041949
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23302
reference_id CVE-2022-23302
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23302
14
reference_url https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability
reference_id CVE-2022-23302-DETECT-LOG4J-1217-VULNERABILITY
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability
reference_id CVE-2022-23302-MITIGATE-LOG4J-1217-VULNERABILITY
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability
16
reference_url https://github.com/advisories/GHSA-w9p3-5cr8-m3jj
reference_id GHSA-w9p3-5cr8-m3jj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9p3-5cr8-m3jj
17
reference_url https://security.gentoo.org/glsa/202402-16
reference_id GLSA-202402-16
reference_type
scores
url https://security.gentoo.org/glsa/202402-16
18
reference_url https://security.netapp.com/advisory/ntap-20220217-0006/
reference_id ntap-20220217-0006
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:40:24Z/
url https://security.netapp.com/advisory/ntap-20220217-0006/
19
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
20
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
21
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
22
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
23
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
24
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
25
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
26
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
27
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
28
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
29
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
30
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
31
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
32
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
33
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
34
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
35
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
36
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
37
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
38
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
39
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
40
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
41
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
42
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
43
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
44
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
45
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
46
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
47
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
48
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
49
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
50
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
51
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
52
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
53
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
54
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23302, GHSA-w9p3-5cr8-m3jj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1ur-tzx5-qkgj
2
url VCID-eje8-2hub-j7ag
vulnerability_id VCID-eje8-2hub-j7ag
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
By design, the JDBCAppender in Log4j accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j when specifically configured to use the JDBCAppender, which is not the default. Beginning, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j reached end of life in August Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23305.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23305
reference_id
reference_type
scores
0
value 0.09452
scoring_system epss
scoring_elements 0.92966
published_at 2026-06-08T12:55:00Z
1
value 0.09452
scoring_system epss
scoring_elements 0.92965
published_at 2026-06-04T12:55:00Z
2
value 0.09452
scoring_system epss
scoring_elements 0.92976
published_at 2026-06-09T12:55:00Z
3
value 0.09452
scoring_system epss
scoring_elements 0.92973
published_at 2026-06-06T12:55:00Z
4
value 0.09452
scoring_system epss
scoring_elements 0.92968
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23305
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j1
5
reference_url https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85y
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85y
6
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url https://logging.apache.org/log4j/1.2/index.html
7
reference_url https://security.netapp.com/advisory/ntap-20220217-0007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220217-0007
8
reference_url https://security.netapp.com/advisory/ntap-20220217-0007/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url https://security.netapp.com/advisory/ntap-20220217-0007/
9
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
10
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
11
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:32:51Z/
url http://www.openwall.com/lists/oss-security/2022/01/18/4
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041959
reference_id 2041959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041959
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23305
reference_id CVE-2022-23305
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23305
15
reference_url https://github.com/advisories/GHSA-65fg-84f6-3jq3
reference_id GHSA-65fg-84f6-3jq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-65fg-84f6-3jq3
16
reference_url https://security.gentoo.org/glsa/202402-16
reference_id GLSA-202402-16
reference_type
scores
url https://security.gentoo.org/glsa/202402-16
17
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
18
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
19
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
20
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
21
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
22
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
23
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
24
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
25
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
26
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
27
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
28
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
29
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
30
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
31
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
32
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
33
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
34
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
35
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
36
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
37
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
38
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
39
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
40
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
41
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
42
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
43
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
44
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
45
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
46
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
47
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
48
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
49
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
50
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
51
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
52
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23305, GHSA-65fg-84f6-3jq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eje8-2hub-j7ag
3
url VCID-jbh7-zmq6-bfgs
vulnerability_id VCID-jbh7-zmq6-bfgs
summary denial of service
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
reference_id
reference_type
scores
0
value 0.92155
scoring_system epss
scoring_elements 0.99726
published_at 2026-06-07T12:55:00Z
1
value 0.92155
scoring_system epss
scoring_elements 0.99725
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
reference_id
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
10
reference_url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
11
reference_url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
12
reference_url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
13
reference_url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
14
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10332
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10332
15
reference_url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
17
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
18
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
19
reference_url https://security.netapp.com/advisory/ntap-20200724-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200724-0003/
20
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
21
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
22
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
23
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
24
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
25
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
26
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
27
reference_url https://usn.ubuntu.com/4596-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4596-1/
28
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
29
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
30
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
31
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
32
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
33
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
34
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
35
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
reference_id 1857024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
37
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
reference_id CVE-2020-13935
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
39
reference_url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
reference_id GHSA-m7jv-hq7h-mq7c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
40
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
41
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
42
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
43
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
44
reference_url https://access.redhat.com/errata/RHSA-2020:3382
reference_id RHSA-2020:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3382
45
reference_url https://access.redhat.com/errata/RHSA-2020:3383
reference_id RHSA-2020:3383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3383
46
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
47
reference_url https://access.redhat.com/errata/RHSA-2020:4004
reference_id RHSA-2020:4004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4004
48
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
49
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
50
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
51
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
fixed_packages
aliases CVE-2020-13935, GHSA-m7jv-hq7h-mq7c
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbh7-zmq6-bfgs
4
url VCID-mebx-kds2-f3ee
vulnerability_id VCID-mebx-kds2-f3ee
summary This advisory has been marked as False Positive and removed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23307.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23307.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23307
reference_id
reference_type
scores
0
value 0.02603
scoring_system epss
scoring_elements 0.85904
published_at 2026-06-08T12:55:00Z
1
value 0.02603
scoring_system epss
scoring_elements 0.85896
published_at 2026-06-04T12:55:00Z
2
value 0.02603
scoring_system epss
scoring_elements 0.85918
published_at 2026-06-09T12:55:00Z
3
value 0.02603
scoring_system epss
scoring_elements 0.8592
published_at 2026-06-06T12:55:00Z
4
value 0.02603
scoring_system epss
scoring_elements 0.85917
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23307
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:31:45Z/
url https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
5
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:31:45Z/
url https://logging.apache.org/log4j/1.2/index.html
6
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:31:45Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
7
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T13:31:45Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041967
reference_id 2041967
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041967
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23307
reference_id CVE-2022-23307
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23307
11
reference_url https://github.com/advisories/GHSA-f7vh-qwp3-x37m
reference_id GHSA-f7vh-qwp3-x37m
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7vh-qwp3-x37m
12
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
13
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
14
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
15
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
16
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
17
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
18
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
19
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
20
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
21
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
22
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
23
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
24
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
25
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
26
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
27
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
28
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
29
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
30
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
31
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
32
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
33
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
34
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
35
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
36
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
37
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
38
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
39
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
40
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
41
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
42
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
43
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
44
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
45
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
46
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
47
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23307, GHSA-f7vh-qwp3-x37m
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mebx-kds2-f3ee
5
url VCID-xynk-bscq-1ydk
vulnerability_id VCID-xynk-bscq-1ydk
summary jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14384.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14384.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14384
reference_id
reference_type
scores
0
value 0.00325
scoring_system epss
scoring_elements 0.55809
published_at 2026-06-04T12:55:00Z
1
value 0.00325
scoring_system epss
scoring_elements 0.55866
published_at 2026-06-05T12:55:00Z
2
value 0.00325
scoring_system epss
scoring_elements 0.55871
published_at 2026-06-06T12:55:00Z
3
value 0.00325
scoring_system epss
scoring_elements 0.55858
published_at 2026-06-07T12:55:00Z
4
value 0.00325
scoring_system epss
scoring_elements 0.55841
published_at 2026-06-08T12:55:00Z
5
value 0.00325
scoring_system epss
scoring_elements 0.55861
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14384
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1875176
reference_id 1875176
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1875176
3
reference_url https://access.redhat.com/errata/RHSA-2020:3730
reference_id RHSA-2020:3730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3730
4
reference_url https://access.redhat.com/errata/RHSA-2020:3731
reference_id RHSA-2020:3731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3731
5
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
6
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
7
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
fixed_packages
aliases CVE-2020-14384
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xynk-bscq-1ydk
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6%3Farch=el6