Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.0

Type maven

Namespace org.apache.cxf

Name cxf-rt-frontend-jaxrs

Version 2.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 3.3.10

Latest_non_vulnerable_version 3.4.3

Affected_by_vulnerabilities

url VCID-adrm-53qu-j7cy

vulnerability_id VCID-adrm-53qu-j7cy

summary

Improper Input Validation
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.

references

reference_url	http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html

reference_url	http://geronimo.apache.org/21x-security-report.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/21x-security-report.html

reference_url	http://geronimo.apache.org/22x-security-report.html
reference_id
reference_type
scores
url	http://geronimo.apache.org/22x-security-report.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2076.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2076.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2076

reference_id

reference_type

scores

value	0.11954
scoring_system	epss
scoring_elements	0.93899
published_at	2026-06-08T12:55:00Z

value	0.11954
scoring_system	epss
scoring_elements	0.93901
published_at	2026-06-07T12:55:00Z

value	0.11954
scoring_system	epss
scoring_elements	0.939
published_at	2026-06-06T12:55:00Z

value	0.11954
scoring_system	epss
scoring_elements	0.93891
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2076

reference_url

https://issues.apache.org/jira/browse/GERONIMO-5383

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/GERONIMO-5383

reference_url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

reference_url

https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_url	http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html
reference_id
reference_type
scores
url	http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=855707
reference_id	855707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=855707

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2076

reference_id

CVE-2010-2076

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2076

reference_url	http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
reference_id	CVE-2010-2076.PDF
reference_type
scores
url	http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf

reference_url

https://github.com/advisories/GHSA-v8q2-94f6-6xq2

reference_id

GHSA-v8q2-94f6-6xq2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v8q2-94f6-6xq2

fixed_packages

url	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13
purl	pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.13

url pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bc6q-5xj6-8bcp

vulnerability	VCID-cppb-xhj5-a7ep

vulnerability	VCID-pwqw-b31z-w7g2

vulnerability	VCID-zvwu-atmk-abe6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10

url pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9

purl pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bc6q-5xj6-8bcp

vulnerability	VCID-cppb-xhj5-a7ep

vulnerability	VCID-pwqw-b31z-w7g2

vulnerability	VCID-zvwu-atmk-abe6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9

aliases CVE-2010-2076, GHSA-v8q2-94f6-6xq2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adrm-53qu-j7cy

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.0.0

Package Instance