Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/undertow@2.1.1-1?distro=sid

Type deb

Namespace debian

Name undertow

Version 2.1.1-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2.0-1

Latest_non_vulnerable_version 2.3.20-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-k6c9-mckm-cyhy

vulnerability_id VCID-k6c9-mckm-cyhy

summary

HTTP Request Smuggling in Undertow
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10719.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10719.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10719

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37382
published_at	2026-05-14T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37524
published_at	2026-04-26T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37434
published_at	2026-04-29T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.3732
published_at	2026-05-05T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37389
published_at	2026-05-07T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37411
published_at	2026-05-09T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37329
published_at	2026-05-11T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37301
published_at	2026-05-12T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37719
published_at	2026-04-01T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.379
published_at	2026-04-02T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37926
published_at	2026-04-04T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37803
published_at	2026-04-07T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37854
published_at	2026-04-08T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37867
published_at	2026-04-16T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37881
published_at	2026-04-11T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37845
published_at	2026-04-12T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.3782
published_at	2026-04-13T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37847
published_at	2026-04-18T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37784
published_at	2026-04-21T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37546
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10719

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10719

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10719

reference_url

https://security.netapp.com/advisory/ntap-20220210-0014

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220210-0014

reference_url	https://security.netapp.com/advisory/ntap-20220210-0014/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220210-0014/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1828459
reference_id	1828459
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1828459

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969913
reference_id	969913
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969913

reference_url

https://github.com/advisories/GHSA-cccf-7xw3-p2vr

reference_id

GHSA-cccf-7xw3-p2vr

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cccf-7xw3-p2vr

reference_url	https://access.redhat.com/errata/RHSA-2020:2058
reference_id	RHSA-2020:2058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2058

reference_url	https://access.redhat.com/errata/RHSA-2020:2059
reference_id	RHSA-2020:2059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2059

reference_url	https://access.redhat.com/errata/RHSA-2020:2060
reference_id	RHSA-2020:2060
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2060

reference_url	https://access.redhat.com/errata/RHSA-2020:2061
reference_id	RHSA-2020:2061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2061

reference_url	https://access.redhat.com/errata/RHSA-2020:2511
reference_id	RHSA-2020:2511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2511

reference_url	https://access.redhat.com/errata/RHSA-2020:2512
reference_id	RHSA-2020:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2512

reference_url	https://access.redhat.com/errata/RHSA-2020:2513
reference_id	RHSA-2020:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2513

reference_url	https://access.redhat.com/errata/RHSA-2020:2515
reference_id	RHSA-2020:2515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2515

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

reference_url	https://access.redhat.com/errata/RHSA-2020:2905
reference_id	RHSA-2020:2905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2905

reference_url	https://access.redhat.com/errata/RHSA-2020:3585
reference_id	RHSA-2020:3585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3585

fixed_packages

url	pkg:deb/debian/undertow@2.1.1-1?distro=sid
purl	pkg:deb/debian/undertow@2.1.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.1.1-1%3Fdistro=sid

url	pkg:deb/debian/undertow@2.3.20-1?distro=sid
purl	pkg:deb/debian/undertow@2.3.20-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid

aliases CVE-2020-10719, GHSA-cccf-7xw3-p2vr

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6c9-mckm-cyhy

url VCID-urxh-sp91-kuet

vulnerability_id VCID-urxh-sp91-kuet

summary

Allocation of Resources Without Limits or Throttling in Undertow
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10705.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10705.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10705

reference_id

reference_type

scores

value	0.00299
scoring_system	epss
scoring_elements	0.53351
published_at	2026-05-14T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53275
published_at	2026-04-26T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53236
published_at	2026-04-29T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53193
published_at	2026-05-05T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53244
published_at	2026-05-07T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53296
published_at	2026-05-09T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53257
published_at	2026-05-11T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53283
published_at	2026-05-12T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53186
published_at	2026-04-01T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53209
published_at	2026-04-02T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53234
published_at	2026-04-04T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53202
published_at	2026-04-07T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53254
published_at	2026-04-08T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.5325
published_at	2026-04-09T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53301
published_at	2026-04-11T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53286
published_at	2026-04-12T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53269
published_at	2026-04-13T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53307
published_at	2026-04-16T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53312
published_at	2026-04-18T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53292
published_at	2026-04-21T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53264
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10705

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1803241

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1803241

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10705

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10705

reference_url

https://security.netapp.com/advisory/ntap-20220210-0014

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220210-0014

reference_url	https://security.netapp.com/advisory/ntap-20220210-0014/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220210-0014/

reference_url

https://github.com/advisories/GHSA-g4cp-h53p-v3v8

reference_id

GHSA-g4cp-h53p-v3v8

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g4cp-h53p-v3v8

reference_url	https://access.redhat.com/errata/RHSA-2020:2058
reference_id	RHSA-2020:2058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2058

reference_url	https://access.redhat.com/errata/RHSA-2020:2059
reference_id	RHSA-2020:2059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2059

reference_url	https://access.redhat.com/errata/RHSA-2020:2060
reference_id	RHSA-2020:2060
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2060

reference_url	https://access.redhat.com/errata/RHSA-2020:2061
reference_id	RHSA-2020:2061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2061

reference_url	https://access.redhat.com/errata/RHSA-2020:2511
reference_id	RHSA-2020:2511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2511

reference_url	https://access.redhat.com/errata/RHSA-2020:2512
reference_id	RHSA-2020:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2512

reference_url	https://access.redhat.com/errata/RHSA-2020:2513
reference_id	RHSA-2020:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2513

reference_url	https://access.redhat.com/errata/RHSA-2020:2515
reference_id	RHSA-2020:2515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2515

reference_url	https://access.redhat.com/errata/RHSA-2020:2905
reference_id	RHSA-2020:2905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2905

reference_url	https://access.redhat.com/errata/RHSA-2020:3585
reference_id	RHSA-2020:3585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3585

reference_url	https://access.redhat.com/errata/RHSA-2025:16668
reference_id	RHSA-2025:16668
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16668

fixed_packages

url	pkg:deb/debian/undertow@2.1.1-1?distro=sid
purl	pkg:deb/debian/undertow@2.1.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.1.1-1%3Fdistro=sid

url	pkg:deb/debian/undertow@2.3.20-1?distro=sid
purl	pkg:deb/debian/undertow@2.3.20-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid

aliases CVE-2020-10705, GHSA-g4cp-h53p-v3v8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urxh-sp91-kuet

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.1.1-1%3Fdistro=sid

Package Instance