Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jooby/jooby@1.6.9
Typemaven
Namespaceorg.jooby
Namejooby
Version1.6.9
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bckv-bydw-sqff
vulnerability_id VCID-bckv-bydw-sqff
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers in Jooby ('HTTP Response Splitting)
This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7622
reference_id
reference_type
scores
0
value 0.00451
scoring_system epss
scoring_elements 0.64074
published_at 2026-06-09T12:55:00Z
1
value 0.00451
scoring_system epss
scoring_elements 0.64027
published_at 2026-06-04T12:55:00Z
2
value 0.00451
scoring_system epss
scoring_elements 0.64069
published_at 2026-06-05T12:55:00Z
3
value 0.00451
scoring_system epss
scoring_elements 0.64077
published_at 2026-06-06T12:55:00Z
4
value 0.00451
scoring_system epss
scoring_elements 0.64067
published_at 2026-06-07T12:55:00Z
5
value 0.00451
scoring_system epss
scoring_elements 0.64054
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7622
1
reference_url https://github.com/jooby-project/jooby/commit/654c56ea013b795f60e95036c5e86992373d0ff2
reference_id
reference_type
scores
url https://github.com/jooby-project/jooby/commit/654c56ea013b795f60e95036c5e86992373d0ff2
2
reference_url https://github.com/jooby-project/jooby/commit/b66e3342cf95205324023cfdf2cb5811e8a6dcf4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jooby-project/jooby/commit/b66e3342cf95205324023cfdf2cb5811e8a6dcf4
3
reference_url https://snyk.io/vuln/SNYK-JAVA-IOJOOBY-564249
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-IOJOOBY-564249
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7622
reference_id CVE-2020-7622
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7622
5
reference_url https://github.com/advisories/GHSA-gv3v-92v6-m48j
reference_id GHSA-gv3v-92v6-m48j
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gv3v-92v6-m48j
6
reference_url https://github.com/jooby-project/jooby/security/advisories/GHSA-gv3v-92v6-m48j
reference_id GHSA-gv3v-92v6-m48j
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jooby-project/jooby/security/advisories/GHSA-gv3v-92v6-m48j
fixed_packages
0
url pkg:maven/org.jooby/jooby@1.6.9
purl pkg:maven/org.jooby/jooby@1.6.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jooby/jooby@1.6.9
aliases CVE-2020-7622, GHSA-gv3v-92v6-m48j
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bckv-bydw-sqff
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jooby/jooby@1.6.9