Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.inlong/manager-web@1.6.0
Typemaven
Namespaceorg.apache.inlong
Namemanager-web
Version1.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.7.0
Latest_non_vulnerable_version1.7.0
Affected_by_vulnerabilities
0
url VCID-19bg-p9mx-r7gg
vulnerability_id VCID-19bg-p9mx-r7gg
summary Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 https://github.com/apache/inlong/pull/7775 to solve it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31066
reference_id
reference_type
scores
0
value 0.01125
scoring_system epss
scoring_elements 0.78647
published_at 2026-06-05T12:55:00Z
1
value 0.01513
scoring_system epss
scoring_elements 0.81567
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31066
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7775
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7775
3
reference_url https://lists.apache.org/thread/x7y05wo37sq5l9fnmmsjh2dr9kcjrcxf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:16:03Z/
url https://lists.apache.org/thread/x7y05wo37sq5l9fnmmsjh2dr9kcjrcxf
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31066
reference_id CVE-2023-31066
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31066
5
reference_url https://github.com/advisories/GHSA-wx79-r3q8-fq9h
reference_id GHSA-wx79-r3q8-fq9h
reference_type
scores
url https://github.com/advisories/GHSA-wx79-r3q8-fq9h
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31066, GHSA-wx79-r3q8-fq9h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19bg-p9mx-r7gg
1
url VCID-242d-6bdt-9kbv
vulnerability_id VCID-242d-6bdt-9kbv
summary 
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 


An old session can be used by an attacker even after the user has been deleted or the password has been changed.


Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836, https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31065
reference_id
reference_type
scores
0
value 0.00288
scoring_system epss
scoring_elements 0.52545
published_at 2026-06-05T12:55:00Z
1
value 0.0032
scoring_system epss
scoring_elements 0.55412
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31065
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
3
reference_url https://github.com/apache/inlong/pull/7884
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7884
4
reference_url https://lists.apache.org/thread/to7o0n2cks0omtwo6mhh5cs2vfdbplqf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-09T17:17:58Z/
url https://lists.apache.org/thread/to7o0n2cks0omtwo6mhh5cs2vfdbplqf
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31065
reference_id CVE-2023-31065
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31065
6
reference_url https://github.com/advisories/GHSA-757p-7hp5-pqmr
reference_id GHSA-757p-7hp5-pqmr
reference_type
scores
url https://github.com/advisories/GHSA-757p-7hp5-pqmr
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31065, GHSA-757p-7hp5-pqmr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-242d-6bdt-9kbv
2
url VCID-35x3-1q7f-eqcb
vulnerability_id VCID-35x3-1q7f-eqcb
summary 
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.  When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by sending a login
request and following it with a subsequent HTTP request
using the returned cookie.

Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31062
reference_id
reference_type
scores
0
value 0.00315
scoring_system epss
scoring_elements 0.54954
published_at 2026-06-05T12:55:00Z
1
value 0.0035
scoring_system epss
scoring_elements 0.57813
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31062
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
3
reference_url https://lists.apache.org/thread/btorjbo9o71h22tcvxzy076022hjdzq0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-09T19:54:58Z/
url https://lists.apache.org/thread/btorjbo9o71h22tcvxzy076022hjdzq0
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31062
reference_id CVE-2023-31062
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31062
5
reference_url https://github.com/advisories/GHSA-q5p5-xg93-2jqc
reference_id GHSA-q5p5-xg93-2jqc
reference_type
scores
url https://github.com/advisories/GHSA-q5p5-xg93-2jqc
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31062, GHSA-q5p5-xg93-2jqc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35x3-1q7f-eqcb
3
url VCID-dzjh-b3km-jycq
vulnerability_id VCID-dzjh-b3km-jycq
summary Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31101
reference_id
reference_type
scores
0
value 0.00525
scoring_system epss
scoring_elements 0.67367
published_at 2026-06-05T12:55:00Z
1
value 0.00525
scoring_system epss
scoring_elements 0.67375
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31101
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
3
reference_url https://lists.apache.org/thread/shvwwr6toqz5rr39rwh4k03z08sh9jmr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:53:34Z/
url https://lists.apache.org/thread/shvwwr6toqz5rr39rwh4k03z08sh9jmr
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31101
reference_id CVE-2023-31101
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31101
5
reference_url https://github.com/advisories/GHSA-h79m-5cm2-278c
reference_id GHSA-h79m-5cm2-278c
reference_type
scores
url https://github.com/advisories/GHSA-h79m-5cm2-278c
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31101, GHSA-h79m-5cm2-278c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzjh-b3km-jycq
4
url VCID-phe3-ctkw-jfaw
vulnerability_id VCID-phe3-ctkw-jfaw
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 
Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 to solve it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31103
reference_id
reference_type
scores
0
value 0.00634
scoring_system epss
scoring_elements 0.70802
published_at 2026-06-05T12:55:00Z
1
value 0.00634
scoring_system epss
scoring_elements 0.70809
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31103
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7891
3
reference_url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:50:23Z/
url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
reference_id CVE-2023-31103
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
5
reference_url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
reference_id GHSA-7mhc-76hf-3jp9
reference_type
scores
url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31103, GHSA-7mhc-76hf-3jp9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phe3-ctkw-jfaw
5
url VCID-qfyn-8g2m-ryct
vulnerability_id VCID-qfyn-8g2m-ryct
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.

 [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31206
reference_id
reference_type
scores
0
value 0.00854
scoring_system epss
scoring_elements 0.75328
published_at 2026-06-05T12:55:00Z
1
value 0.00854
scoring_system epss
scoring_elements 0.75332
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31206
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7891
3
reference_url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:49:05Z/
url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
reference_id CVE-2023-31206
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
5
reference_url https://github.com/advisories/GHSA-f475-jgg3-3jwc
reference_id GHSA-f475-jgg3-3jwc
reference_type
scores
url https://github.com/advisories/GHSA-f475-jgg3-3jwc
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31206, GHSA-f475-jgg3-3jwc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyn-8g2m-ryct
6
url VCID-yajh-8gux-3bfe
vulnerability_id VCID-yajh-8gux-3bfe
summary 
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are not the owner
of the deleted subscription. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.

[1] 

 https://github.com/apache/inlong/pull/7949 https://github.com/apache/inlong/pull/7949
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31453
reference_id
reference_type
scores
0
value 0.00454
scoring_system epss
scoring_elements 0.64174
published_at 2026-06-05T12:55:00Z
1
value 0.00454
scoring_system epss
scoring_elements 0.64181
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31453
1
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
2
reference_url https://github.com/apache/inlong/pull/7949
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7949
3
reference_url https://lists.apache.org/thread/9nz8o2skgc5230w276h4w92j0zstnl06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:45:51Z/
url https://lists.apache.org/thread/9nz8o2skgc5230w276h4w92j0zstnl06
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31453
reference_id CVE-2023-31453
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31453
5
reference_url https://github.com/advisories/GHSA-8rjh-3mhm-966q
reference_id GHSA-8rjh-3mhm-966q
reference_type
scores
url https://github.com/advisories/GHSA-8rjh-3mhm-966q
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-web@1.7.0
purl pkg:maven/org.apache.inlong/manager-web@1.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.7.0
aliases CVE-2023-31453, GHSA-8rjh-3mhm-966q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yajh-8gux-3bfe
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-web@1.6.0