Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.scijava/pom-scijava@1.150
Typemaven
Namespaceorg.scijava
Namepom-scijava
Version1.150
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-xxtr-hhgb-b3gp
vulnerability_id VCID-xxtr-hhgb-b3gp
summary A vulnerability classified as critical was found in scifio. Affected by this vulnerability is the function downloadAndUnpackResource of the file src/test/java/io/scif/util/DefaultSampleFilesService.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215803.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4493
reference_id
reference_type
scores
0
value 0.00614
scoring_system epss
scoring_elements 0.70438
published_at 2026-06-12T12:55:00Z
1
value 0.00614
scoring_system epss
scoring_elements 0.70348
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4493
1
reference_url https://github.com/scifio/scifio
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/scifio/scifio
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4493
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4493
3
reference_url https://github.com/scifio/scifio/commit/fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31
reference_id fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:59Z/
url https://github.com/scifio/scifio/commit/fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31
4
reference_url https://github.com/advisories/GHSA-cmwm-45mj-mpg3
reference_id GHSA-cmwm-45mj-mpg3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cmwm-45mj-mpg3
5
reference_url https://vuldb.com/?id.215803
reference_id ?id.215803
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:59Z/
url https://vuldb.com/?id.215803
fixed_packages
aliases CVE-2022-4493, GHSA-cmwm-45mj-mpg3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xxtr-hhgb-b3gp
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.scijava/pom-scijava@1.150