Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.sonatype.nexus/nexus-repository@3.4.0-02
Typemaven
Namespaceorg.sonatype.nexus
Namenexus-repository
Version3.4.0-02
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.34.0-01
Latest_non_vulnerable_version3.34.0-01
Affected_by_vulnerabilities
0
url VCID-hcjn-6thd-kkeg
vulnerability_id VCID-hcjn-6thd-kkeg
summary 
Unrestricted Upload of File with Dangerous Type in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16530
reference_id
reference_type
scores
0
value 0.0383
scoring_system epss
scoring_elements 0.88395
published_at 2026-06-09T12:55:00Z
1
value 0.0383
scoring_system epss
scoring_elements 0.8836
published_at 2026-06-04T12:55:00Z
2
value 0.0383
scoring_system epss
scoring_elements 0.88378
published_at 2026-06-05T12:55:00Z
3
value 0.0383
scoring_system epss
scoring_elements 0.8838
published_at 2026-06-08T12:55:00Z
4
value 0.0383
scoring_system epss
scoring_elements 0.88379
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16530
1
reference_url https://issues.sonatype.org/secure/ReleaseNote.jspa
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.sonatype.org/secure/ReleaseNote.jspa
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16530
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-16530
3
reference_url https://support.sonatype.com/hc/en-us/articles/360036132453
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.sonatype.com/hc/en-us/articles/360036132453
4
reference_url https://github.com/advisories/GHSA-hmjv-px3j-933c
reference_id GHSA-hmjv-px3j-933c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hmjv-px3j-933c
fixed_packages
0
url pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0
purl pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0
1
url pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0-01
purl pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0-01
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mpkc-shf7-pbeh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.sonatype.nexus/nexus-repository@3.19.0-01
aliases CVE-2019-16530, GHSA-hmjv-px3j-933c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcjn-6thd-kkeg
1
url VCID-mpkc-shf7-pbeh
vulnerability_id VCID-mpkc-shf7-pbeh
summary 
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40143
reference_id
reference_type
scores
0
value 0.02208
scoring_system epss
scoring_elements 0.84781
published_at 2026-06-05T12:55:00Z
1
value 0.02208
scoring_system epss
scoring_elements 0.84782
published_at 2026-06-09T12:55:00Z
2
value 0.02208
scoring_system epss
scoring_elements 0.84768
published_at 2026-06-08T12:55:00Z
3
value 0.02208
scoring_system epss
scoring_elements 0.84785
published_at 2026-06-06T12:55:00Z
4
value 0.02208
scoring_system epss
scoring_elements 0.84757
published_at 2026-06-04T12:55:00Z
5
value 0.02208
scoring_system epss
scoring_elements 0.84779
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40143
1
reference_url https://github.com/sonatype/nexus-public
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sonatype/nexus-public
2
reference_url https://help.sonatype.com/repomanager3/release-notes/2021-release-notes
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://help.sonatype.com/repomanager3/release-notes/2021-release-notes
3
reference_url https://issues.sonatype.org/secure/ReleaseNote.jspa
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.sonatype.org/secure/ReleaseNote.jspa
4
reference_url https://support.sonatype.com/hc/en-us/articles/4405941762579
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.sonatype.com/hc/en-us/articles/4405941762579
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40143
reference_id CVE-2021-40143
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40143
6
reference_url https://github.com/advisories/GHSA-f34x-8pf6-qc9c
reference_id GHSA-f34x-8pf6-qc9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f34x-8pf6-qc9c
fixed_packages
0
url pkg:maven/org.sonatype.nexus/nexus-repository@3.34.0-01
purl pkg:maven/org.sonatype.nexus/nexus-repository@3.34.0-01
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.sonatype.nexus/nexus-repository@3.34.0-01
aliases CVE-2021-40143, GHSA-f34x-8pf6-qc9c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mpkc-shf7-pbeh
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.sonatype.nexus/nexus-repository@3.4.0-02