Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jgroups/jgroups@2.12.0.CR4

Type maven

Namespace org.jgroups

Name jgroups

Version 2.12.0.CR4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.0

Latest_non_vulnerable_version 4.0.0.Final

Affected_by_vulnerabilities

url VCID-uwtw-5dcf-ufbm

vulnerability_id VCID-uwtw-5dcf-ufbm

summary

Authorization bypass in JGroups
JGroups does not require the proper headers for the ENCRYPT and AUTH protocols from nodes joining the cluster, which allows remote attackers to bypass security restrictions and send and receive messages within the cluster via unspecified vectors.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1435.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1435.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-1439.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-1439.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2035.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2016-2035.html

reference_url

https://access.redhat.com/errata/RHSA-2016:1345

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1345

reference_url

https://access.redhat.com/errata/RHSA-2016:1346

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1346

reference_url

https://access.redhat.com/errata/RHSA-2016:1347

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1347

reference_url

https://access.redhat.com/errata/RHSA-2016:1374

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1374

reference_url

https://access.redhat.com/errata/RHSA-2016:1376

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1376

reference_url

https://access.redhat.com/errata/RHSA-2016:1389

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1389

reference_url

https://access.redhat.com/errata/RHSA-2016:1432

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1432

reference_url

https://access.redhat.com/errata/RHSA-2016:1433

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1433

reference_url

https://access.redhat.com/errata/RHSA-2016:1434

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1434

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2141.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2141

reference_id

reference_type

scores

value	0.02326
scoring_system	epss
scoring_elements	0.85111
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2141

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1313589
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1313589

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/belaban/JGroups

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/belaban/JGroups

reference_url	https://github.com/belaban/JGroups/commit/38a882331035ffed205d15a5c92b471fd09659c
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/38a882331035ffed205d15a5c92b471fd09659c

reference_url	https://github.com/belaban/JGroups/commit/c3ad22234ef84d06d04d908b3c94c0d11df8afd
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/c3ad22234ef84d06d04d908b3c94c0d11df8afd

reference_url

https://github.com/belaban/JGroups/commit/eeaf5241cce464ef21a2dfc4938729ade9ebef36

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/belaban/JGroups/commit/eeaf5241cce464ef21a2dfc4938729ade9ebef36

reference_url	https://github.com/belaban/JGroups/commit/fba182c14075789e1d2c976d50d9018c671ad0b
reference_id
reference_type
scores
url	https://github.com/belaban/JGroups/commit/fba182c14075789e1d2c976d50d9018c671ad0b

reference_url

https://issues.jboss.org/browse/JGRP-2021

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/JGRP-2021

reference_url

https://issues.redhat.com/browse/JGRP-2055

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/JGRP-2055

reference_url

https://issues.redhat.com/browse/JGRP-2074

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/JGRP-2074

reference_url

https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a@%3Cdev.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0@%3Cdev.geode.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2141

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2141

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1328.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1328.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1329.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1329.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1330.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1330.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1331.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1331.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1332.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1332.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1333.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1333.html

reference_url

https://rhn.redhat.com/errata/RHSA-2016-1334.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://rhn.redhat.com/errata/RHSA-2016-1334.html

reference_url

https://web.archive.org/web/20161013163606/http://www.securityfocus.com/bid/91481

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20161013163606/http://www.securityfocus.com/bid/91481

reference_url

https://web.archive.org/web/20201207092245/http://www.securitytracker.com/id/1036165

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201207092245/http://www.securitytracker.com/id/1036165

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867493
reference_id	867493
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867493

reference_url	https://access.redhat.com/errata/RHSA-2016:1328
reference_id	RHSA-2016:1328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1328

reference_url	https://access.redhat.com/errata/RHSA-2016:1329
reference_id	RHSA-2016:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1329

reference_url	https://access.redhat.com/errata/RHSA-2016:1330
reference_id	RHSA-2016:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1330

reference_url	https://access.redhat.com/errata/RHSA-2016:1331
reference_id	RHSA-2016:1331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1331

reference_url	https://access.redhat.com/errata/RHSA-2016:1332
reference_id	RHSA-2016:1332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1332

reference_url	https://access.redhat.com/errata/RHSA-2016:1333
reference_id	RHSA-2016:1333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1333

reference_url	https://access.redhat.com/errata/RHSA-2016:1334
reference_id	RHSA-2016:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1334

reference_url	https://access.redhat.com/errata/RHSA-2016:1435
reference_id	RHSA-2016:1435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1435

reference_url	https://access.redhat.com/errata/RHSA-2016:1439
reference_id	RHSA-2016:1439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1439

reference_url	https://access.redhat.com/errata/RHSA-2016:2035
reference_id	RHSA-2016:2035
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2035

fixed_packages

url pkg:maven/org.jgroups/jgroups@3.2.16.Final

purl pkg:maven/org.jgroups/jgroups@3.2.16.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uwtw-5dcf-ufbm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@3.2.16.Final

url pkg:maven/org.jgroups/jgroups@3.6.10.Final

purl pkg:maven/org.jgroups/jgroups@3.6.10.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uwtw-5dcf-ufbm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@3.6.10.Final

url	pkg:maven/org.jgroups/jgroups@4.0
purl	pkg:maven/org.jgroups/jgroups@4.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@4.0

url	pkg:maven/org.jgroups/jgroups@4.0.0.Final
purl	pkg:maven/org.jgroups/jgroups@4.0.0.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@4.0.0.Final

aliases CVE-2016-2141, GHSA-rc7h-x6cq-988q

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwtw-5dcf-ufbm

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jgroups/jgroups@2.12.0.CR4

Package Instance