Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1?arch=el7eap
Type rpm
Namespace redhat
Name eap7-glassfish-jsf
Version 2.3.14-9.SP10_redhat_00001.1
Qualifiers
arch el7eap
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-54ve-b5gj-87cq
vulnerability_id VCID-54ve-b5gj-87cq
summary A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and clients).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23184.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23184.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23184
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35084
published_at 2026-06-12T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.34905
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23184
2
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
3
reference_url https://github.com/apache/cxf/pull/2048
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf/pull/2048
4
reference_url https://github.com/apache/cxf/pull/2111
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf/pull/2111
5
reference_url https://issues.apache.org/jira/browse/CXF-7396
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/CXF-7396
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-23184
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-23184
7
reference_url https://security.netapp.com/advisory/ntap-20250214-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250214-0003
8
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-23184-detect-apache-cxf-vulnerability
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-23184-detect-apache-cxf-vulnerability
9
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-23184-mitigate-apache-cxf-vulnerability
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-23184-mitigate-apache-cxf-vulnerability
10
reference_url http://www.openwall.com/lists/oss-security/2025/01/20/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/01/20/3
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2339095
reference_id 2339095
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2339095
12
reference_url https://github.com/advisories/GHSA-fh5r-crhr-qrrq
reference_id GHSA-fh5r-crhr-qrrq
reference_type
scores
url https://github.com/advisories/GHSA-fh5r-crhr-qrrq
13
reference_url https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122
reference_id lfs8l63rnctnj2skfrxyys7v8fgnt122
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-21T15:12:38Z/
url https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122
14
reference_url https://access.redhat.com/errata/RHSA-2025:10452
reference_id RHSA-2025:10452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10452
15
reference_url https://access.redhat.com/errata/RHSA-2025:10453
reference_id RHSA-2025:10453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10453
16
reference_url https://access.redhat.com/errata/RHSA-2025:10459
reference_id RHSA-2025:10459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10459
17
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10924
18
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10925
19
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10926
20
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
fixed_packages
aliases CVE-2025-23184, GHSA-fh5r-crhr-qrrq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-54ve-b5gj-87cq
1
url VCID-95fk-ueyn-tfe6
vulnerability_id VCID-95fk-ueyn-tfe6
summary A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2251.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2251.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-2251
reference_id
reference_type
scores
0
value 0.01938
scoring_system epss
scoring_elements 0.83861
published_at 2026-06-12T12:55:00Z
1
value 0.01938
scoring_system epss
scoring_elements 0.83804
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-2251
2
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
9
reference_url https://access.redhat.com/security/cve/CVE-2025-2251
reference_id CVE-2025-2251
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/security/cve/CVE-2025-2251
10
reference_url https://access.redhat.com/errata/RHSA-2025:10452
reference_id RHSA-2025:10452
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10452
11
reference_url https://access.redhat.com/errata/RHSA-2025:10453
reference_id RHSA-2025:10453
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10453
12
reference_url https://access.redhat.com/errata/RHSA-2025:10459
reference_id RHSA-2025:10459
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10459
13
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10924
14
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10925
15
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10926
16
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://access.redhat.com/errata/RHSA-2025:10931
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2351678
reference_id show_bug.cgi?id=2351678
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-07T14:18:34Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2351678
fixed_packages
aliases CVE-2025-2251
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95fk-ueyn-tfe6
2
url VCID-98ct-pj4u-n7bq
vulnerability_id VCID-98ct-pj4u-n7bq
summary Hibernate Validator before 6.2.0 and 7.0.0, by default and depending on how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as of 6.2.0 and 7.0.0 no longer interpolates custom constraint violation messages with Expression Language and strongly recommends not allowing user-supplied input in constraint violation messages. CVE-2020-5245 and CVE-2025-4428 are examples of related, downstream vulnerabilities involving Expression Language interpolation of user-supplied data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-35036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
reference_id
reference_type
scores
0
value 0.01693
scoring_system epss
scoring_elements 0.82666
published_at 2026-06-11T12:55:00Z
1
value 0.01693
scoring_system epss
scoring_elements 0.82727
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-35036
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-35036
3
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
4
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-35036
6
reference_url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
reference_id 05f795bb7cf18856004f40e5042709e550ed0d6e
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
reference_id 1107517
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107517
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
reference_id 1107518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107518
9
reference_url https://github.com/hibernate/hibernate-validator/pull/1138
reference_id 1138
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/pull/1138
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
reference_id 2370118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370118
11
reference_url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
reference_id 254858d9dcc4e7cd775d1b0f47f482218077c5e1
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1
12
reference_url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
reference_id 6.1.7.Final...6.2.0.Final
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final
13
reference_url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
reference_id #6-2-0-cr1
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1
14
reference_url https://www.cve.org/CVERecord?id=CVE-2020-5245
reference_id CVERecord?id=CVE-2020-5245
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://www.cve.org/CVERecord?id=CVE-2020-5245
15
reference_url https://www.cve.org/CVERecord?id=CVE-2025-4428
reference_id CVERecord?id=CVE-2025-4428
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://www.cve.org/CVERecord?id=CVE-2025-4428
16
reference_url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
reference_id d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78
17
reference_url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
reference_id e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893
18
reference_url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
reference_id #expression-language
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language
19
reference_url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
reference_id expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
20
reference_url https://github.com/advisories/GHSA-7v6m-28jr-rg84
reference_id GHSA-7v6m-28jr-rg84
reference_type
scores
url https://github.com/advisories/GHSA-7v6m-28jr-rg84
21
reference_url https://hibernate.atlassian.net/browse/HV-1816
reference_id HV-1816
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
url https://hibernate.atlassian.net/browse/HV-1816
22
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10924
23
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10925
24
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10926
25
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
26
reference_url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
reference_id #section-hibernateconstraintvalidatorcontext
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:41:11Z/
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:00:12Z/
url https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext
fixed_packages
aliases CVE-2025-35036, GHSA-7v6m-28jr-rg84
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ct-pj4u-n7bq
3
url VCID-9amn-1fh2-7fd7
vulnerability_id VCID-9amn-1fh2-7fd7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48734.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48734
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49545
published_at 2026-06-11T12:55:00Z
1
value 0.00258
scoring_system epss
scoring_elements 0.49681
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48734
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48734
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/commons-beanutils
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-beanutils
5
reference_url https://github.com/apache/commons-beanutils/commit/bd20740da25b69552ddef8523beec0837297eaf9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-beanutils/commit/bd20740da25b69552ddef8523beec0837297eaf9
6
reference_url https://lists.debian.org/debian-lts-announce/2025/06/msg00027.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/06/msg00027.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48734
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48734
8
reference_url http://www.openwall.com/lists/oss-security/2025/05/28/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/05/28/6
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106746
reference_id 1106746
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106746
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2368956
reference_id 2368956
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2368956
11
reference_url https://github.com/advisories/GHSA-wxr5-93ph-8wr9
reference_id GHSA-wxr5-93ph-8wr9
reference_type
scores
url https://github.com/advisories/GHSA-wxr5-93ph-8wr9
12
reference_url https://security.gentoo.org/glsa/202601-05
reference_id GLSA-202601-05
reference_type
scores
url https://security.gentoo.org/glsa/202601-05
13
reference_url https://access.redhat.com/errata/RHSA-2025:10452
reference_id RHSA-2025:10452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10452
14
reference_url https://access.redhat.com/errata/RHSA-2025:10453
reference_id RHSA-2025:10453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10453
15
reference_url https://access.redhat.com/errata/RHSA-2025:10459
reference_id RHSA-2025:10459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10459
16
reference_url https://access.redhat.com/errata/RHSA-2025:10814
reference_id RHSA-2025:10814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10814
17
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10924
18
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10925
19
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10926
20
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
21
reference_url https://access.redhat.com/errata/RHSA-2025:12511
reference_id RHSA-2025:12511
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12511
22
reference_url https://access.redhat.com/errata/RHSA-2025:13274
reference_id RHSA-2025:13274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13274
23
reference_url https://access.redhat.com/errata/RHSA-2025:15810
reference_id RHSA-2025:15810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15810
24
reference_url https://access.redhat.com/errata/RHSA-2025:15811
reference_id RHSA-2025:15811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15811
25
reference_url https://access.redhat.com/errata/RHSA-2025:15812
reference_id RHSA-2025:15812
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15812
26
reference_url https://access.redhat.com/errata/RHSA-2025:15813
reference_id RHSA-2025:15813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15813
27
reference_url https://access.redhat.com/errata/RHSA-2025:15814
reference_id RHSA-2025:15814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15814
28
reference_url https://access.redhat.com/errata/RHSA-2025:15815
reference_id RHSA-2025:15815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15815
29
reference_url https://access.redhat.com/errata/RHSA-2025:15816
reference_id RHSA-2025:15816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15816
30
reference_url https://access.redhat.com/errata/RHSA-2025:15817
reference_id RHSA-2025:15817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15817
31
reference_url https://access.redhat.com/errata/RHSA-2025:16409
reference_id RHSA-2025:16409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16409
32
reference_url https://access.redhat.com/errata/RHSA-2025:16667
reference_id RHSA-2025:16667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16667
33
reference_url https://access.redhat.com/errata/RHSA-2025:16668
reference_id RHSA-2025:16668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16668
34
reference_url https://access.redhat.com/errata/RHSA-2025:3465
reference_id RHSA-2025:3465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3465
35
reference_url https://access.redhat.com/errata/RHSA-2025:3467
reference_id RHSA-2025:3467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3467
36
reference_url https://access.redhat.com/errata/RHSA-2025:8265
reference_id RHSA-2025:8265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8265
37
reference_url https://access.redhat.com/errata/RHSA-2025:8919
reference_id RHSA-2025:8919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8919
38
reference_url https://access.redhat.com/errata/RHSA-2025:9114
reference_id RHSA-2025:9114
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9114
39
reference_url https://access.redhat.com/errata/RHSA-2025:9115
reference_id RHSA-2025:9115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9115
40
reference_url https://access.redhat.com/errata/RHSA-2025:9117
reference_id RHSA-2025:9117
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9117
41
reference_url https://access.redhat.com/errata/RHSA-2025:9166
reference_id RHSA-2025:9166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9166
42
reference_url https://access.redhat.com/errata/RHSA-2025:9318
reference_id RHSA-2025:9318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9318
43
reference_url https://access.redhat.com/errata/RHSA-2025:9696
reference_id RHSA-2025:9696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9696
44
reference_url https://access.redhat.com/errata/RHSA-2025:9697
reference_id RHSA-2025:9697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9697
45
reference_url https://access.redhat.com/errata/RHSA-2025:9922
reference_id RHSA-2025:9922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9922
46
reference_url https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9
reference_id s0hb3jkfj5f3ryx6c57zqtfohb0of1g9
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:16Z/
url https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9
47
reference_url https://usn.ubuntu.com/8322-1/
reference_id USN-8322-1
reference_type
scores
url https://usn.ubuntu.com/8322-1/
fixed_packages
aliases CVE-2025-48734, GHSA-wxr5-93ph-8wr9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9amn-1fh2-7fd7
4
url VCID-ah7s-sg6q-6uf2
vulnerability_id VCID-ah7s-sg6q-6uf2
summary A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10234.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10234.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10234
reference_id
reference_type
scores
0
value 0.00558
scoring_system epss
scoring_elements 0.68768
published_at 2026-06-12T12:55:00Z
1
value 0.00558
scoring_system epss
scoring_elements 0.68675
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10234
2
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
reference_id cpe:/a:redhat:build_keycloak:
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
18
reference_url https://access.redhat.com/security/cve/CVE-2024-10234
reference_id CVE-2024-10234
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/security/cve/CVE-2024-10234
19
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:10924
20
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:10925
21
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:10926
22
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:10931
23
reference_url https://access.redhat.com/errata/RHSA-2025:11636
reference_id RHSA-2025:11636
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:11636
24
reference_url https://access.redhat.com/errata/RHSA-2025:11638
reference_id RHSA-2025:11638
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:11638
25
reference_url https://access.redhat.com/errata/RHSA-2025:11639
reference_id RHSA-2025:11639
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:11639
26
reference_url https://access.redhat.com/errata/RHSA-2025:11640
reference_id RHSA-2025:11640
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:11640
27
reference_url https://access.redhat.com/errata/RHSA-2025:11645
reference_id RHSA-2025:11645
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:11645
28
reference_url https://access.redhat.com/errata/RHSA-2025:2025
reference_id RHSA-2025:2025
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:2025
29
reference_url https://access.redhat.com/errata/RHSA-2025:2026
reference_id RHSA-2025:2026
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:2026
30
reference_url https://access.redhat.com/errata/RHSA-2025:2029
reference_id RHSA-2025:2029
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://access.redhat.com/errata/RHSA-2025:2029
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2320848
reference_id show_bug.cgi?id=2320848
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:41:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2320848
fixed_packages
aliases CVE-2024-10234
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ah7s-sg6q-6uf2
5
url VCID-md6z-u4cu-eybz
vulnerability_id VCID-md6z-u4cu-eybz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2901.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2901.json
1
reference_url https://access.redhat.com/security/cve/CVE-2025-2901
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2025-2901
2
reference_url https://github.com/hal/console
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hal/console
3
reference_url https://github.com/hal/console/commit/216de3b8aa82ea92df10cc296d88c68467cf2c52
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hal/console/commit/216de3b8aa82ea92df10cc296d88c68467cf2c52
4
reference_url https://github.com/hal/console/releases/tag/v3.7.11
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hal/console/releases/tag/v3.7.11
5
reference_url https://github.com/hal/console/security/advisories/GHSA-f7jh-m6wp-jm7f
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hal/console/security/advisories/GHSA-f7jh-m6wp-jm7f
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-2901
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-2901
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2355685
reference_id 2355685
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2355685
8
reference_url https://github.com/advisories/GHSA-f7jh-m6wp-jm7f
reference_id GHSA-f7jh-m6wp-jm7f
reference_type
scores
url https://github.com/advisories/GHSA-f7jh-m6wp-jm7f
9
reference_url https://access.redhat.com/errata/RHSA-2025:10452
reference_id RHSA-2025:10452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10452
10
reference_url https://access.redhat.com/errata/RHSA-2025:10453
reference_id RHSA-2025:10453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10453
11
reference_url https://access.redhat.com/errata/RHSA-2025:10459
reference_id RHSA-2025:10459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10459
12
reference_url https://access.redhat.com/errata/RHSA-2025:10924
reference_id RHSA-2025:10924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10924
13
reference_url https://access.redhat.com/errata/RHSA-2025:10925
reference_id RHSA-2025:10925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10925
14
reference_url https://access.redhat.com/errata/RHSA-2025:10926
reference_id RHSA-2025:10926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10926
15
reference_url https://access.redhat.com/errata/RHSA-2025:10931
reference_id RHSA-2025:10931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10931
fixed_packages
aliases CVE-2025-2901, GHSA-f7jh-m6wp-jm7f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-md6z-u4cu-eybz
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1%3Farch=el7eap