Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qsw3-wm4k-m7h3
Summary
Excessive Iteration
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Aliases
0
alias CVE-2021-35515
1
alias GHSA-7hfm-57qf-j43q
Fixed_packages
0
url pkg:deb/debian/libcommons-compress-java@1.0-1
purl pkg:deb/debian/libcommons-compress-java@1.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-h5ex-bm2j-fken
3
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.0-1
1
url pkg:deb/debian/libcommons-compress-java@1.21-1?distro=trixie
purl pkg:deb/debian/libcommons-compress-java@1.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.21-1%3Fdistro=trixie
2
url pkg:deb/debian/libcommons-compress-java@1.22-1
purl pkg:deb/debian/libcommons-compress-java@1.22-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cg72-sg2w-t3ft
1
vulnerability VCID-k4wn-j55z-b3dk
2
vulnerability VCID-p41w-msyv-u7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.22-1
3
url pkg:deb/debian/libcommons-compress-java@1.22-1?distro=trixie
purl pkg:deb/debian/libcommons-compress-java@1.22-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cg72-sg2w-t3ft
1
vulnerability VCID-k4wn-j55z-b3dk
2
vulnerability VCID-p41w-msyv-u7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.22-1%3Fdistro=trixie
4
url pkg:deb/debian/libcommons-compress-java@1.27.1-2?distro=trixie
purl pkg:deb/debian/libcommons-compress-java@1.27.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.27.1-2%3Fdistro=trixie
5
url pkg:maven/org.apache.commons/commons-compress@1.21
purl pkg:maven/org.apache.commons/commons-compress@1.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cg72-sg2w-t3ft
1
vulnerability VCID-p41w-msyv-u7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.21
Affected_packages
0
url pkg:deb/debian/libcommons-compress-java@0~svn604876-1
purl pkg:deb/debian/libcommons-compress-java@0~svn604876-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-h5ex-bm2j-fken
3
vulnerability VCID-p41w-msyv-u7bk
4
vulnerability VCID-qsw3-wm4k-m7h3
5
vulnerability VCID-qu4m-4u1a-r3cv
6
vulnerability VCID-vaar-ytpp-eqc7
7
vulnerability VCID-y6ff-umvz-zbgd
8
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@0~svn604876-1
1
url pkg:deb/debian/libcommons-compress-java@1.20-1?distro=trixie
purl pkg:deb/debian/libcommons-compress-java@1.20-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.20-1%3Fdistro=trixie
2
url pkg:deb/debian/libcommons-compress-java@1.20-1
purl pkg:deb/debian/libcommons-compress-java@1.20-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-compress-java@1.20-1
3
url pkg:maven/org.apache.commons/commons-compress@1.6
purl pkg:maven/org.apache.commons/commons-compress@1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.6
4
url pkg:maven/org.apache.commons/commons-compress@1.7
purl pkg:maven/org.apache.commons/commons-compress@1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.7
5
url pkg:maven/org.apache.commons/commons-compress@1.8
purl pkg:maven/org.apache.commons/commons-compress@1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.8
6
url pkg:maven/org.apache.commons/commons-compress@1.8.1
purl pkg:maven/org.apache.commons/commons-compress@1.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.8.1
7
url pkg:maven/org.apache.commons/commons-compress@1.9
purl pkg:maven/org.apache.commons/commons-compress@1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.9
8
url pkg:maven/org.apache.commons/commons-compress@1.10
purl pkg:maven/org.apache.commons/commons-compress@1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.10
9
url pkg:maven/org.apache.commons/commons-compress@1.11
purl pkg:maven/org.apache.commons/commons-compress@1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-p41w-msyv-u7bk
3
vulnerability VCID-qsw3-wm4k-m7h3
4
vulnerability VCID-qu4m-4u1a-r3cv
5
vulnerability VCID-vaar-ytpp-eqc7
6
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.11
10
url pkg:maven/org.apache.commons/commons-compress@1.12
purl pkg:maven/org.apache.commons/commons-compress@1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-p41w-msyv-u7bk
3
vulnerability VCID-qsw3-wm4k-m7h3
4
vulnerability VCID-qu4m-4u1a-r3cv
5
vulnerability VCID-vaar-ytpp-eqc7
6
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.12
11
url pkg:maven/org.apache.commons/commons-compress@1.13
purl pkg:maven/org.apache.commons/commons-compress@1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-p41w-msyv-u7bk
3
vulnerability VCID-qsw3-wm4k-m7h3
4
vulnerability VCID-qu4m-4u1a-r3cv
5
vulnerability VCID-vaar-ytpp-eqc7
6
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.13
12
url pkg:maven/org.apache.commons/commons-compress@1.14
purl pkg:maven/org.apache.commons/commons-compress@1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-p41w-msyv-u7bk
3
vulnerability VCID-qsw3-wm4k-m7h3
4
vulnerability VCID-qu4m-4u1a-r3cv
5
vulnerability VCID-vaar-ytpp-eqc7
6
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.14
13
url pkg:maven/org.apache.commons/commons-compress@1.15
purl pkg:maven/org.apache.commons/commons-compress@1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-fd7z-aksz-b7hv
2
vulnerability VCID-p41w-msyv-u7bk
3
vulnerability VCID-qsw3-wm4k-m7h3
4
vulnerability VCID-qu4m-4u1a-r3cv
5
vulnerability VCID-vaar-ytpp-eqc7
6
vulnerability VCID-y6ff-umvz-zbgd
7
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.15
14
url pkg:maven/org.apache.commons/commons-compress@1.16
purl pkg:maven/org.apache.commons/commons-compress@1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
6
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.16
15
url pkg:maven/org.apache.commons/commons-compress@1.16.1
purl pkg:maven/org.apache.commons/commons-compress@1.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
6
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.16.1
16
url pkg:maven/org.apache.commons/commons-compress@1.17
purl pkg:maven/org.apache.commons/commons-compress@1.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-75h3-dr39-3qb8
1
vulnerability VCID-p41w-msyv-u7bk
2
vulnerability VCID-qsw3-wm4k-m7h3
3
vulnerability VCID-qu4m-4u1a-r3cv
4
vulnerability VCID-vaar-ytpp-eqc7
5
vulnerability VCID-y6ff-umvz-zbgd
6
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.17
17
url pkg:maven/org.apache.commons/commons-compress@1.18
purl pkg:maven/org.apache.commons/commons-compress@1.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
5
vulnerability VCID-z5bc-s8qs-zbh1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.18
18
url pkg:maven/org.apache.commons/commons-compress@1.19
purl pkg:maven/org.apache.commons/commons-compress@1.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.19
19
url pkg:maven/org.apache.commons/commons-compress@1.20
purl pkg:maven/org.apache.commons/commons-compress@1.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p41w-msyv-u7bk
1
vulnerability VCID-qsw3-wm4k-m7h3
2
vulnerability VCID-qu4m-4u1a-r3cv
3
vulnerability VCID-vaar-ytpp-eqc7
4
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-compress@1.20
20
url pkg:rpm/redhat/apache-commons-compress@1.21-1.2?arch=el8ev
purl pkg:rpm/redhat/apache-commons-compress@1.21-1.2?arch=el8ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsw3-wm4k-m7h3
1
vulnerability VCID-qu4m-4u1a-r3cv
2
vulnerability VCID-vaar-ytpp-eqc7
3
vulnerability VCID-y6ff-umvz-zbgd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/apache-commons-compress@1.21-1.2%3Farch=el8ev
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35515.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35515.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-35515
reference_id
reference_type
scores
0
value 0.00598
scoring_system epss
scoring_elements 0.69441
published_at 2026-04-16T12:55:00Z
1
value 0.00598
scoring_system epss
scoring_elements 0.69392
published_at 2026-04-08T12:55:00Z
2
value 0.00598
scoring_system epss
scoring_elements 0.69342
published_at 2026-04-07T12:55:00Z
3
value 0.00598
scoring_system epss
scoring_elements 0.69362
published_at 2026-04-04T12:55:00Z
4
value 0.00598
scoring_system epss
scoring_elements 0.69346
published_at 2026-04-02T12:55:00Z
5
value 0.00598
scoring_system epss
scoring_elements 0.69492
published_at 2026-04-26T12:55:00Z
6
value 0.00598
scoring_system epss
scoring_elements 0.69485
published_at 2026-04-24T12:55:00Z
7
value 0.00598
scoring_system epss
scoring_elements 0.69433
published_at 2026-04-21T12:55:00Z
8
value 0.00598
scoring_system epss
scoring_elements 0.69451
published_at 2026-04-18T12:55:00Z
9
value 0.00598
scoring_system epss
scoring_elements 0.69334
published_at 2026-04-01T12:55:00Z
10
value 0.00598
scoring_system epss
scoring_elements 0.69401
published_at 2026-04-13T12:55:00Z
11
value 0.00598
scoring_system epss
scoring_elements 0.69416
published_at 2026-04-12T12:55:00Z
12
value 0.00598
scoring_system epss
scoring_elements 0.69431
published_at 2026-04-11T12:55:00Z
13
value 0.00598
scoring_system epss
scoring_elements 0.69408
published_at 2026-04-09T12:55:00Z
14
value 0.01191
scoring_system epss
scoring_elements 0.78955
published_at 2026-05-07T12:55:00Z
15
value 0.01191
scoring_system epss
scoring_elements 0.78934
published_at 2026-05-05T12:55:00Z
16
value 0.01191
scoring_system epss
scoring_elements 0.78918
published_at 2026-04-29T12:55:00Z
17
value 0.01191
scoring_system epss
scoring_elements 0.78969
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-35515
2
reference_url https://commons.apache.org/proper/commons-compress/security-reports.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://commons.apache.org/proper/commons-compress/security-reports.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35515
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rbaea15ddc5a7c0c6b66660f1d6403b28595e2561bb283eade7d7cd69@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbaea15ddc5a7c0c6b66660f1d6403b28595e2561bb283eade7d7cd69@%3Cannounce.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rbe91c512c5385181149ab087b6c909825d34299f5c491c6482a2ed57@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbe91c512c5385181149ab087b6c909825d34299f5c491c6482a2ed57@%3Ccommits.druid.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rf2f4d7940371a7c7c5b679f50e28fc7fcc82cd00670ced87e013ac88@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf2f4d7940371a7c7c5b679f50e28fc7fcc82cd00670ced87e013ac88@%3Ccommits.druid.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rfba19167efc785ad3561e7ef29f340d65ac8f0d897aed00e0731e742@%3Cnotifications.skywalking.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfba19167efc785ad3561e7ef29f340d65ac8f0d897aed00e0731e742@%3Cnotifications.skywalking.apache.org%3E
19
reference_url https://security.netapp.com/advisory/ntap-20211022-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211022-0001
20
reference_url https://security.netapp.com/advisory/ntap-20211022-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211022-0001/
21
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
22
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
23
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
24
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
25
reference_url http://www.openwall.com/lists/oss-security/2021/07/13/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/07/13/1
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1981895
reference_id 1981895
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1981895
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991041
reference_id 991041
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991041
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35515
reference_id CVE-2021-35515
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-35515
29
reference_url https://github.com/advisories/GHSA-7hfm-57qf-j43q
reference_id GHSA-7hfm-57qf-j43q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7hfm-57qf-j43q
30
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
31
reference_url https://access.redhat.com/errata/RHSA-2022:5555
reference_id RHSA-2022:5555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5555
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 834
name Excessive Iteration
description The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qsw3-wm4k-m7h3