Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.commons/commons-configuration2@2.0

Type maven

Namespace org.apache.commons

Name commons-configuration2

Version 2.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.10.1

Latest_non_vulnerable_version 2.15.0

Affected_by_vulnerabilities

url VCID-6ztz-zvmr-6uet

vulnerability_id VCID-6ztz-zvmr-6uet

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29133.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29133.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-29133

reference_id

reference_type

scores

value	0.00997
scoring_system	epss
scoring_elements	0.77384
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-29133

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29133
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29133

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4

reference_url

https://issues.apache.org/jira/browse/CONFIGURATION-841

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/CONFIGURATION-841

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067514
reference_id	1067514
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067514

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2270673
reference_id	2270673
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2270673

reference_url

http://www.openwall.com/lists/oss-security/2024/03/20/3

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-29T14:19:05Z/

url

http://www.openwall.com/lists/oss-security/2024/03/20/3

reference_url

https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2

reference_id

ccb9w15bscznh6tnp3wsvrrj9crbszh2

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-29T14:19:05Z/

url

https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-29133

reference_id

CVE-2024-29133

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-29133

reference_url

https://github.com/advisories/GHSA-9w38-p64v-xpmv

reference_id

GHSA-9w38-p64v-xpmv

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9w38-p64v-xpmv

reference_url	https://access.redhat.com/errata/RHSA-2024:2945
reference_id	RHSA-2024:2945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2945

reference_url	https://access.redhat.com/errata/RHSA-2024:3920
reference_id	RHSA-2024:3920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3920

reference_url	https://access.redhat.com/errata/RHSA-2024:3989
reference_id	RHSA-2024:3989
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3989

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/

reference_id

SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-29T14:19:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/

reference_id

YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-29T14:19:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/

fixed_packages

url	pkg:maven/org.apache.commons/commons-configuration2@2.10.1
purl	pkg:maven/org.apache.commons/commons-configuration2@2.10.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-configuration2@2.10.1

aliases CVE-2024-29133, GHSA-9w38-p64v-xpmv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ztz-zvmr-6uet

url VCID-zs4f-m84q-q7ay

vulnerability_id VCID-zs4f-m84q-q7ay

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29131.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29131.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-29131

reference_id

reference_type

scores

value	0.00248
scoring_system	epss
scoring_elements	0.48373
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-29131

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29131
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29131

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/commons-configuration

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-configuration

reference_url

https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554

reference_url

https://issues.apache.org/jira/browse/CONFIGURATION-840

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/CONFIGURATION-840

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_url

https://security.netapp.com/advisory/ntap-20241213-0001

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20241213-0001

reference_url

https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37

reference_id

03nzzzjn4oknyw5y0871tw7ltj0t3r37

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-29T15:57:00Z/

url

https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067513
reference_id	1067513
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067513

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2270674
reference_id	2270674
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2270674

reference_url

http://www.openwall.com/lists/oss-security/2024/03/20/4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-29T15:57:00Z/

url

http://www.openwall.com/lists/oss-security/2024/03/20/4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-29131

reference_id

CVE-2024-29131

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-29131

reference_url

https://github.com/advisories/GHSA-xjp4-hw94-mvp5

reference_id

GHSA-xjp4-hw94-mvp5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xjp4-hw94-mvp5

reference_url	https://access.redhat.com/errata/RHSA-2024:2945
reference_id	RHSA-2024:2945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2945

reference_url	https://access.redhat.com/errata/RHSA-2024:3920
reference_id	RHSA-2024:3920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3920

reference_url	https://access.redhat.com/errata/RHSA-2024:3989
reference_id	RHSA-2024:3989
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3989

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/

reference_id

SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-29T15:57:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/

reference_id

YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-29T15:57:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/

fixed_packages

url	pkg:maven/org.apache.commons/commons-configuration2@2.10.1
purl	pkg:maven/org.apache.commons/commons-configuration2@2.10.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-configuration2@2.10.1

aliases CVE-2024-29131, GHSA-xjp4-hw94-mvp5

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zs4f-m84q-q7ay

Fixing_vulnerabilities

Risk_score 3.3

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-configuration2@2.0

Package Instance