Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
Typemaven
Namespaceorg.apache.pulsar
Namepulsar-functions-worker
Version3.2.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fcd4-vydj-wkdv
vulnerability_id VCID-fcd4-vydj-wkdv
summary 
Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification
In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in the zip files, which aren't properly validated, contain special elements like "..", altering the directory path. This could allow an attacker to create or modify files outside of the designated extraction directory, potentially influencing system behavior. This vulnerability also applies to the Pulsar Broker when it is configured with "functionsWorkerEnabled=true".

This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0.

2.10 Pulsar Function Worker users should upgrade to at least 2.10.6.
2.11 Pulsar Function Worker users should upgrade to at least 2.11.4.
3.0 Pulsar Function Worker users should upgrade to at least 3.0.3.
3.1 Pulsar Function Worker users should upgrade to at least 3.1.3.
3.2 Pulsar Function Worker users should upgrade to at least 3.2.1.

Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27317.json
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27317.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27317
reference_id
reference_type
scores
0
value 0.01029
scoring_system epss
scoring_elements 0.77668
published_at 2026-06-08T12:55:00Z
1
value 0.01029
scoring_system epss
scoring_elements 0.77678
published_at 2026-06-07T12:55:00Z
2
value 0.01029
scoring_system epss
scoring_elements 0.77688
published_at 2026-06-06T12:55:00Z
3
value 0.01029
scoring_system epss
scoring_elements 0.77681
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27317
2
reference_url https://github.com/apache/pulsar
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/pulsar
3
reference_url https://lists.apache.org/thread/ct9xmvlf7lompc1pxvlsb60qstfsm9po
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-05T17:16:55Z/
url https://lists.apache.org/thread/ct9xmvlf7lompc1pxvlsb60qstfsm9po
4
reference_url http://www.openwall.com/lists/oss-security/2024/03/12/10
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-05T17:16:55Z/
url http://www.openwall.com/lists/oss-security/2024/03/12/10
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2269257
reference_id 2269257
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2269257
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27317
reference_id CVE-2024-27317
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27317
7
reference_url https://pulsar.apache.org/security/CVE-2024-27317
reference_id CVE-2024-27317
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://pulsar.apache.org/security/CVE-2024-27317
8
reference_url https://pulsar.apache.org/security/CVE-2024-27317/
reference_id CVE-2024-27317
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-05T17:16:55Z/
url https://pulsar.apache.org/security/CVE-2024-27317/
9
reference_url https://github.com/advisories/GHSA-jg2g-4rjg-cmqh
reference_id GHSA-jg2g-4rjg-cmqh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jg2g-4rjg-cmqh
fixed_packages
0
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
1
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
2
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
3
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
4
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
aliases CVE-2024-27317, GHSA-jg2g-4rjg-cmqh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcd4-vydj-wkdv
1
url VCID-j1c7-14pj-duhk
vulnerability_id VCID-j1c7-14pj-duhk
summary 
Apache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution
Improper input validation in the Pulsar Function Worker allows a malicious authenticated user to execute arbitrary Java code on the Pulsar Function worker, outside of the sandboxes designated for running user-provided functions. This vulnerability also applies to the Pulsar Broker when it is configured with "functionsWorkerEnabled=true".

This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0.

2.10 Pulsar Function Worker users should upgrade to at least 2.10.6.
2.11 Pulsar Function Worker users should upgrade to at least 2.11.4.
3.0 Pulsar Function Worker users should upgrade to at least 3.0.3.
3.1 Pulsar Function Worker users should upgrade to at least 3.1.3.
3.2 Pulsar Function Worker users should upgrade to at least 3.2.1.

Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27135.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27135.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27135
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25202
published_at 2026-06-08T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25326
published_at 2026-06-05T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25309
published_at 2026-06-06T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.2526
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27135
2
reference_url https://github.com/apache/pulsar
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/pulsar
3
reference_url https://lists.apache.org/thread/dh8nj2vmb2br6thjltq74lk9jxkz62wn
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-13T14:22:47Z/
url https://lists.apache.org/thread/dh8nj2vmb2br6thjltq74lk9jxkz62wn
4
reference_url http://www.openwall.com/lists/oss-security/2024/03/12/9
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-13T14:22:47Z/
url http://www.openwall.com/lists/oss-security/2024/03/12/9
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2269254
reference_id 2269254
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2269254
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27135
reference_id CVE-2024-27135
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27135
7
reference_url https://pulsar.apache.org/security/CVE-2024-27135
reference_id CVE-2024-27135
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pulsar.apache.org/security/CVE-2024-27135
8
reference_url https://pulsar.apache.org/security/CVE-2024-27135/
reference_id CVE-2024-27135
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-13T14:22:47Z/
url https://pulsar.apache.org/security/CVE-2024-27135/
9
reference_url https://github.com/advisories/GHSA-xp2r-g8qq-44hh
reference_id GHSA-xp2r-g8qq-44hh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xp2r-g8qq-44hh
fixed_packages
0
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
1
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
2
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
3
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
4
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
aliases CVE-2024-27135, GHSA-xp2r-g8qq-44hh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1c7-14pj-duhk
2
url VCID-v66q-tzbm-1ka4
vulnerability_id VCID-v66q-tzbm-1ka4
summary 
Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying
The Pulsar Functions Worker includes a capability that permits authenticated users to create functions where the function's implementation is referenced by a URL. The supported URL schemes include "file", "http", and "https". When a function is created using this method, the Functions Worker will retrieve the implementation from the URL provided by the user. However, this feature introduces a vulnerability that can be exploited by an attacker to gain unauthorized access to any file that the Pulsar Functions Worker process has permissions to read. This includes reading the process environment which potentially includes sensitive information, such as secrets. Furthermore, an attacker could leverage this vulnerability to use the Pulsar Functions Worker as a proxy to access the content of remote HTTP and HTTPS endpoint URLs. This could also be used to carry out denial of service attacks.
This vulnerability also applies to the Pulsar Broker when it is configured with "functionsWorkerEnabled=true".

This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0.

2.10 Pulsar Function Worker users should upgrade to at least 2.10.6.
2.11 Pulsar Function Worker users should upgrade to at least 2.11.4.
3.0 Pulsar Function Worker users should upgrade to at least 3.0.3.
3.1 Pulsar Function Worker users should upgrade to at least 3.1.3.
3.2 Pulsar Function Worker users should upgrade to at least 3.2.1.

Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.

The updated versions of Pulsar Functions Worker will, by default, impose restrictions on the creation of functions using URLs. For users who rely on this functionality, the Function Worker configuration provides two configuration keys: "additionalEnabledConnectorUrlPatterns" and "additionalEnabledFunctionsUrlPatterns". These keys allow users to specify a set of URL patterns that are permitted, enabling the creation of functions using URLs that match the defined patterns. This approach ensures that the feature remains available to those who require it, while limiting the potential for unauthorized access and exploitation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27894.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27894.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27894
reference_id
reference_type
scores
0
value 0.00412
scoring_system epss
scoring_elements 0.61795
published_at 2026-06-08T12:55:00Z
1
value 0.00412
scoring_system epss
scoring_elements 0.61811
published_at 2026-06-07T12:55:00Z
2
value 0.00412
scoring_system epss
scoring_elements 0.61822
published_at 2026-06-06T12:55:00Z
3
value 0.00412
scoring_system epss
scoring_elements 0.61813
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27894
2
reference_url https://github.com/apache/pulsar
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/pulsar
3
reference_url https://lists.apache.org/thread/45cqhgqg8d19ongjw18ypcss8vwh206p
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:05:51Z/
url https://lists.apache.org/thread/45cqhgqg8d19ongjw18ypcss8vwh206p
4
reference_url http://www.openwall.com/lists/oss-security/2024/03/12/11
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:05:51Z/
url http://www.openwall.com/lists/oss-security/2024/03/12/11
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2269259
reference_id 2269259
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2269259
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27894
reference_id CVE-2024-27894
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27894
7
reference_url https://pulsar.apache.org/security/CVE-2024-27894
reference_id CVE-2024-27894
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pulsar.apache.org/security/CVE-2024-27894
8
reference_url https://pulsar.apache.org/security/CVE-2024-27894/
reference_id CVE-2024-27894
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:05:51Z/
url https://pulsar.apache.org/security/CVE-2024-27894/
9
reference_url https://github.com/advisories/GHSA-c2x9-vw5h-39vc
reference_id GHSA-c2x9-vw5h-39vc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c2x9-vw5h-39vc
fixed_packages
0
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.10.6
1
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@2.11.4
2
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.0.3
3
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.1.3
4
url pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
purl pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1
aliases CVE-2024-27894, GHSA-c2x9-vw5h-39vc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v66q-tzbm-1ka4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.pulsar/pulsar-functions-worker@3.2.1