Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.springframework/spring-context@1.0-m4
Typemaven
Namespaceorg.springframework
Namespring-context
Version1.0-m4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.2.21.RELEASE
Latest_non_vulnerable_version6.2.7
Affected_by_vulnerabilities
0
url VCID-c74k-e1me-pfb2
vulnerability_id VCID-c74k-e1me-pfb2
summary 
Improper Handling of Case Sensitivity
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22968.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22968.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22968
reference_id
reference_type
scores
0
value 0.2051
scoring_system epss
scoring_elements 0.95572
published_at 2026-04-18T12:55:00Z
1
value 0.2051
scoring_system epss
scoring_elements 0.95566
published_at 2026-04-16T12:55:00Z
2
value 0.2051
scoring_system epss
scoring_elements 0.95558
published_at 2026-04-13T12:55:00Z
3
value 0.2051
scoring_system epss
scoring_elements 0.95557
published_at 2026-04-12T12:55:00Z
4
value 0.2051
scoring_system epss
scoring_elements 0.95555
published_at 2026-04-11T12:55:00Z
5
value 0.2051
scoring_system epss
scoring_elements 0.95551
published_at 2026-04-09T12:55:00Z
6
value 0.2051
scoring_system epss
scoring_elements 0.95548
published_at 2026-04-08T12:55:00Z
7
value 0.2051
scoring_system epss
scoring_elements 0.95541
published_at 2026-04-07T12:55:00Z
8
value 0.2051
scoring_system epss
scoring_elements 0.95538
published_at 2026-04-04T12:55:00Z
9
value 0.2051
scoring_system epss
scoring_elements 0.95532
published_at 2026-04-02T12:55:00Z
10
value 0.20519
scoring_system epss
scoring_elements 0.95576
published_at 2026-04-29T12:55:00Z
11
value 0.20519
scoring_system epss
scoring_elements 0.95573
published_at 2026-04-21T12:55:00Z
12
value 0.20519
scoring_system epss
scoring_elements 0.95574
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22968
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22968
3
reference_url https://github.com/spring-projects/spring-framework
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework
4
reference_url https://github.com/spring-projects/spring-framework/commit/833e750175349ab4fd502109a8b41af77e25cdea
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/833e750175349ab4fd502109a8b41af77e25cdea
5
reference_url https://github.com/spring-projects/spring-framework/commit/a7cf19cec5ebd270f97a194d749e2d5701ad2ab7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/a7cf19cec5ebd270f97a194d749e2d5701ad2ab7
6
reference_url https://security.netapp.com/advisory/ntap-20220602-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220602-0004
7
reference_url https://security.netapp.com/advisory/ntap-20220602-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220602-0004/
8
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2075441
reference_id 2075441
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2075441
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22968
reference_id CVE-2022-22968
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22968
11
reference_url https://tanzu.vmware.com/security/cve-2022-22968
reference_id CVE-2022-22968
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tanzu.vmware.com/security/cve-2022-22968
12
reference_url https://github.com/advisories/GHSA-g5mm-vmx4-3rg7
reference_id GHSA-g5mm-vmx4-3rg7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g5mm-vmx4-3rg7
13
reference_url https://access.redhat.com/errata/RHSA-2022:5101
reference_id RHSA-2022:5101
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5101
14
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
fixed_packages
0
url pkg:maven/org.springframework/spring-context@5.2.21
purl pkg:maven/org.springframework/spring-context@5.2.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-context@5.2.21
1
url pkg:maven/org.springframework/spring-context@5.2.21.RELEASE
purl pkg:maven/org.springframework/spring-context@5.2.21.RELEASE
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-context@5.2.21.RELEASE
2
url pkg:maven/org.springframework/spring-context@5.3.19
purl pkg:maven/org.springframework/spring-context@5.3.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-context@5.3.19
aliases CVE-2022-22968, GHSA-g5mm-vmx4-3rg7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c74k-e1me-pfb2
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.springframework/spring-context@1.0-m4