Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

Type maven

Namespace org.apache.cxf

Name cxf-rt-frontend-jaxrs

Version 2.1.10

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2.9

Latest_non_vulnerable_version 3.2.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2tv2-a79p-9ufw

vulnerability_id VCID-2tv2-a79p-9ufw

summary

Improper Input Validation
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.

references

reference_url	http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html

reference_url	http://geronimo.apache.org/21x-security-report.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/21x-security-report.html

reference_url	http://geronimo.apache.org/22x-security-report.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/22x-security-report.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2076

reference_id

reference_type

scores

value	0.11954
scoring_system	epss
scoring_elements	0.93878
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2076

reference_url

https://issues.apache.org/jira/browse/GERONIMO-5383

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/GERONIMO-5383

reference_url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

reference_url	http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html
reference_id
reference_type
scores
url	http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2076

reference_id

CVE-2010-2076

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2076

reference_url

https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_id

CVE-2010-2076.PDF

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_url	http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
reference_id	CVE-2010-2076.PDF
reference_type
scores
url	http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_url

https://github.com/advisories/GHSA-v8q2-94f6-6xq2

reference_id

GHSA-v8q2-94f6-6xq2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v8q2-94f6-6xq2

fixed_packages

url	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13
purl	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13

url	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10
purl	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

url	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9
purl	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9

aliases CVE-2010-2076, GHSA-v8q2-94f6-6xq2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2tv2-a79p-9ufw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

Package Instance