Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/cn.hutool/hutool-http@4.6.3
Typemaven
Namespacecn.hutool
Namehutool-http
Version4.6.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.7.19
Latest_non_vulnerable_version5.7.19
Affected_by_vulnerabilities
0
url VCID-3g1h-nqpg-dkbf
vulnerability_id VCID-3g1h-nqpg-dkbf
summary 
Improper Certificate Validation in Hutool
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
references
0
reference_url https://apidoc.gitee.com/dromara/hutool/cn/hutool/http/ssl/DefaultSSLInfo.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://apidoc.gitee.com/dromara/hutool/cn/hutool/http/ssl/DefaultSSLInfo.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22885
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.70261
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22885
2
reference_url https://github.com/dromara/hutool
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/dromara/hutool
3
reference_url https://github.com/dromara/hutool/issues/2042
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/dromara/hutool/issues/2042
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22885
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22885
5
reference_url https://github.com/advisories/GHSA-p7w9-8mxw-p3g7
reference_id GHSA-p7w9-8mxw-p3g7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p7w9-8mxw-p3g7
fixed_packages
0
url pkg:maven/cn.hutool/hutool-http@5.7.19
purl pkg:maven/cn.hutool/hutool-http@5.7.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-http@5.7.19
aliases CVE-2022-22885, GHSA-p7w9-8mxw-p3g7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3g1h-nqpg-dkbf
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-http@4.6.3