Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-undertow@2.2.32-1.SP1_redhat_00001.1?arch=el8eap
Typerpm
Namespaceredhat
Nameeap7-undertow
Version2.2.32-1.SP1_redhat_00001.1
Qualifiers
arch el8eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-63u8-tdmd-27dr
vulnerability_id VCID-63u8-tdmd-27dr
summary This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23445.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23445.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23445
reference_id
reference_type
scores
0
value 0.00349
scoring_system epss
scoring_elements 0.57925
published_at 2026-06-14T12:55:00Z
1
value 0.00349
scoring_system epss
scoring_elements 0.57935
published_at 2026-06-13T12:55:00Z
2
value 0.00349
scoring_system epss
scoring_elements 0.5792
published_at 2026-06-12T12:55:00Z
3
value 0.00349
scoring_system epss
scoring_elements 0.57807
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23445
2
reference_url https://cdn.datatables.net/1.11.3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cdn.datatables.net/1.11.3
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23445
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23445
4
reference_url https://github.com/DataTables/Dist-DataTables
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/DataTables/Dist-DataTables
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23445
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-23445
6
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
7
reference_url https://cdn.datatables.net/1.11.3/
reference_id 1.11.3
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://cdn.datatables.net/1.11.3/
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2257732
reference_id 2257732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2257732
9
reference_url https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b
reference_id 59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995229
reference_id 995229
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995229
11
reference_url https://github.com/advisories/GHSA-h73q-5wmj-q8pj
reference_id GHSA-h73q-5wmj-q8pj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h73q-5wmj-q8pj
12
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00018.html
13
reference_url https://security.netapp.com/advisory/ntap-20240621-0006/
reference_id ntap-20240621-0006
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://security.netapp.com/advisory/ntap-20240621-0006/
14
reference_url https://access.redhat.com/errata/RHSA-2024:3559
reference_id RHSA-2024:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3559
15
reference_url https://access.redhat.com/errata/RHSA-2024:3560
reference_id RHSA-2024:3560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3560
16
reference_url https://access.redhat.com/errata/RHSA-2024:3561
reference_id RHSA-2024:3561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3561
17
reference_url https://access.redhat.com/errata/RHSA-2024:3563
reference_id RHSA-2024:3563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3563
18
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371
reference_id SNYK-JAVA-ORGWEBJARSBOWER-1715371
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371
19
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376
reference_id SNYK-JAVA-ORGWEBJARSNPM-1715376
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376
20
reference_url https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544
reference_id SNYK-JS-DATATABLESNET-1540544
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:14:48Z/
url https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544
fixed_packages
aliases CVE-2021-23445, GHSA-h73q-5wmj-q8pj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63u8-tdmd-27dr
1
url VCID-gmt1-kewy-dfeb
vulnerability_id VCID-gmt1-kewy-dfeb
summary A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1233.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39268
published_at 2026-06-14T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39079
published_at 2026-06-11T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39251
published_at 2026-06-12T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39275
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1233
2
reference_url https://github.com/wildfly-security/wildfly-elytron
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly-security/wildfly-elytron
3
reference_url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly/commit/aa151a00d75d6dbc4a1bf1b68d58b9de3087bb62
4
reference_url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
reference_id 0c02350bc0d84287bed46e7c32f90b36e50d3523
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id cpe:/a:redhat:jbosseapxp
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_id cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_id cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
15
reference_url https://access.redhat.com/security/cve/CVE-2024-1233
reference_id CVE-2024-1233
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/security/cve/CVE-2024-1233
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
reference_id CVE-2024-1233
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-1233
17
reference_url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
reference_id GHSA-v4mm-q8fv-r2w5
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
18
reference_url https://access.redhat.com/errata/RHSA-2024:3559
reference_id RHSA-2024:3559
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3559
19
reference_url https://access.redhat.com/errata/RHSA-2024:3560
reference_id RHSA-2024:3560
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3560
20
reference_url https://access.redhat.com/errata/RHSA-2024:3561
reference_id RHSA-2024:3561
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3561
21
reference_url https://access.redhat.com/errata/RHSA-2024:3563
reference_id RHSA-2024:3563
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3563
22
reference_url https://access.redhat.com/errata/RHSA-2024:3580
reference_id RHSA-2024:3580
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3580
23
reference_url https://access.redhat.com/errata/RHSA-2024:3581
reference_id RHSA-2024:3581
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3581
24
reference_url https://access.redhat.com/errata/RHSA-2024:3583
reference_id RHSA-2024:3583
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2024:3583
25
reference_url https://access.redhat.com/errata/RHSA-2025:9582
reference_id RHSA-2025:9582
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9582
26
reference_url https://access.redhat.com/errata/RHSA-2025:9583
reference_id RHSA-2025:9583
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://access.redhat.com/errata/RHSA-2025:9583
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
reference_id show_bug.cgi?id=2262849
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2262849
28
reference_url https://issues.redhat.com/browse/WFLY-19226
reference_id WFLY-19226
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:46:50Z/
url https://issues.redhat.com/browse/WFLY-19226
fixed_packages
aliases CVE-2024-1233, GHSA-v4mm-q8fv-r2w5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmt1-kewy-dfeb
2
url VCID-rq89-b4v2-jqa3
vulnerability_id VCID-rq89-b4v2-jqa3
summary A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28752.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-28752
reference_id
reference_type
scores
0
value 0.46602
scoring_system epss
scoring_elements 0.97743
published_at 2026-06-14T12:55:00Z
1
value 0.50829
scoring_system epss
scoring_elements 0.97922
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-28752
2
reference_url https://github.com/apache/cxf
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf
3
reference_url https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463
4
reference_url https://security.netapp.com/advisory/ntap-20240517-0001
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240517-0001
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270732
reference_id 2270732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270732
6
reference_url http://www.openwall.com/lists/oss-security/2024/03/14/3
reference_id 3
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url http://www.openwall.com/lists/oss-security/2024/03/14/3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-28752
reference_id CVE-2024-28752
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-28752
8
reference_url https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt
reference_id CVE-2024-28752.txt
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt
9
reference_url https://github.com/advisories/GHSA-qmgx-j96g-4428
reference_id GHSA-qmgx-j96g-4428
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qmgx-j96g-4428
10
reference_url https://security.netapp.com/advisory/ntap-20240517-0001/
reference_id ntap-20240517-0001
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-20T03:55:33Z/
url https://security.netapp.com/advisory/ntap-20240517-0001/
11
reference_url https://access.redhat.com/errata/RHSA-2024:10207
reference_id RHSA-2024:10207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10207
12
reference_url https://access.redhat.com/errata/RHSA-2024:10208
reference_id RHSA-2024:10208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10208
13
reference_url https://access.redhat.com/errata/RHSA-2024:2834
reference_id RHSA-2024:2834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2834
14
reference_url https://access.redhat.com/errata/RHSA-2024:2852
reference_id RHSA-2024:2852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2852
15
reference_url https://access.redhat.com/errata/RHSA-2024:3354
reference_id RHSA-2024:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3354
16
reference_url https://access.redhat.com/errata/RHSA-2024:3559
reference_id RHSA-2024:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3559
17
reference_url https://access.redhat.com/errata/RHSA-2024:3560
reference_id RHSA-2024:3560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3560
18
reference_url https://access.redhat.com/errata/RHSA-2024:3561
reference_id RHSA-2024:3561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3561
19
reference_url https://access.redhat.com/errata/RHSA-2024:3563
reference_id RHSA-2024:3563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3563
20
reference_url https://access.redhat.com/errata/RHSA-2024:3708
reference_id RHSA-2024:3708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3708
21
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
22
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
23
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
24
reference_url https://access.redhat.com/errata/RHSA-2024:8339
reference_id RHSA-2024:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8339
fixed_packages
aliases CVE-2024-28752, GHSA-qmgx-j96g-4428
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq89-b4v2-jqa3
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.32-1.SP1_redhat_00001.1%3Farch=el8eap