Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.0
Typemaven
Namespaceorg.apache.cxf
Namecxf-rt-frontend-jaxrs
Version2.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.3.10
Latest_non_vulnerable_version3.4.3
Affected_by_vulnerabilities
0
url VCID-n7kg-dj54-qybc
vulnerability_id VCID-n7kg-dj54-qybc
summary 
Improper Input Validation
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
references
0
reference_url http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
reference_id
reference_type
scores
url http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
1
reference_url http://geronimo.apache.org/21x-security-report.html
reference_id
reference_type
scores
url http://geronimo.apache.org/21x-security-report.html
2
reference_url http://geronimo.apache.org/22x-security-report.html
reference_id
reference_type
scores
url http://geronimo.apache.org/22x-security-report.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2076.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2076.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2076
reference_id
reference_type
scores
0
value 0.11954
scoring_system epss
scoring_elements 0.93719
published_at 2026-04-01T12:55:00Z
1
value 0.11954
scoring_system epss
scoring_elements 0.93789
published_at 2026-04-26T12:55:00Z
2
value 0.11954
scoring_system epss
scoring_elements 0.93792
published_at 2026-04-24T12:55:00Z
3
value 0.11954
scoring_system epss
scoring_elements 0.93788
published_at 2026-04-29T12:55:00Z
4
value 0.11954
scoring_system epss
scoring_elements 0.93786
published_at 2026-04-18T12:55:00Z
5
value 0.11954
scoring_system epss
scoring_elements 0.9378
published_at 2026-04-16T12:55:00Z
6
value 0.11954
scoring_system epss
scoring_elements 0.93758
published_at 2026-04-13T12:55:00Z
7
value 0.11954
scoring_system epss
scoring_elements 0.93753
published_at 2026-04-09T12:55:00Z
8
value 0.11954
scoring_system epss
scoring_elements 0.9375
published_at 2026-04-08T12:55:00Z
9
value 0.11954
scoring_system epss
scoring_elements 0.93741
published_at 2026-04-07T12:55:00Z
10
value 0.11954
scoring_system epss
scoring_elements 0.93739
published_at 2026-04-04T12:55:00Z
11
value 0.11954
scoring_system epss
scoring_elements 0.93728
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2076
5
reference_url http://secunia.com/advisories/40969
reference_id
reference_type
scores
url http://secunia.com/advisories/40969
6
reference_url http://secunia.com/advisories/41016
reference_id
reference_type
scores
url http://secunia.com/advisories/41016
7
reference_url http://secunia.com/advisories/41025
reference_id
reference_type
scores
url http://secunia.com/advisories/41025
8
reference_url https://issues.apache.org/jira/browse/GERONIMO-5383
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/GERONIMO-5383
9
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
21
reference_url https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
22
reference_url http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html
reference_id
reference_type
scores
url http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html
23
reference_url http://www.securityfocus.com/bid/42492
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/42492
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=855707
reference_id 855707
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=855707
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-2076
reference_id CVE-2010-2076
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-2076
27
reference_url http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
reference_id CVE-2010-2076.PDF
reference_type
scores
url http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
28
reference_url https://github.com/advisories/GHSA-v8q2-94f6-6xq2
reference_id GHSA-v8q2-94f6-6xq2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v8q2-94f6-6xq2
fixed_packages
0
url pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9
purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-akr4-z7v7-9qbc
1
vulnerability VCID-ay9n-qxb3-qucj
2
vulnerability VCID-darq-bg13-x3fd
3
vulnerability VCID-x3q1-vymh-jkew
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9
aliases CVE-2010-2076, GHSA-v8q2-94f6-6xq2
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7kg-dj54-qybc
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.0