Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904
Type maven
Namespace org.eclipse.jetty
Name jetty-server
Version 9.3.25.v20180904
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 9.3.26.v20190403
Latest_non_vulnerable_version 12.1.6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-f9tf-uebt-kqcy
vulnerability_id VCID-f9tf-uebt-kqcy
summary
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server
In Eclipse Jetty versions 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGS frames containing many settings, or many small SETTINGS frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings.
references
0
reference_url https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096
reference_id
reference_type
scores
url https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096
1
reference_url https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6
7
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2020.html
8
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12545
reference_id CVE-2018-12545
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-12545
10
reference_url https://github.com/advisories/GHSA-h2f4-v4c4-6wx4
reference_id GHSA-h2f4-v4c4-6wx4
reference_type
scores
url https://github.com/advisories/GHSA-h2f4-v4c4-6wx4
fixed_packages
0
url pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904
purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904
1
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.12.v20180830
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.12.v20180830
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.12.v20180830
aliases CVE-2018-12545, GHSA-h2f4-v4c4-6wx4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9tf-uebt-kqcy
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904