Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-zpc9-qmnr-ckga

Summary

Aliases

alias	CVE-2022-1471

alias	GHSA-mjmj-j48q-9wg2

Fixed_packages

url	pkg:maven/org.yaml/snakeyaml@2.0
purl	pkg:maven/org.yaml/snakeyaml@2.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@2.0

Affected_packages

url pkg:maven/org.yaml/snakeyaml@1.4

purl pkg:maven/org.yaml/snakeyaml@1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.4

url pkg:maven/org.yaml/snakeyaml@1.5

purl pkg:maven/org.yaml/snakeyaml@1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.5

url pkg:maven/org.yaml/snakeyaml@1.6

purl pkg:maven/org.yaml/snakeyaml@1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.6

url pkg:maven/org.yaml/snakeyaml@1.7

purl pkg:maven/org.yaml/snakeyaml@1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.7

url pkg:maven/org.yaml/snakeyaml@1.8

purl pkg:maven/org.yaml/snakeyaml@1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.8

url pkg:maven/org.yaml/snakeyaml@1.9

purl pkg:maven/org.yaml/snakeyaml@1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.9

url pkg:maven/org.yaml/snakeyaml@1.10

purl pkg:maven/org.yaml/snakeyaml@1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.10

url pkg:maven/org.yaml/snakeyaml@1.11

purl pkg:maven/org.yaml/snakeyaml@1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.11

url pkg:maven/org.yaml/snakeyaml@1.12

purl pkg:maven/org.yaml/snakeyaml@1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.12

url pkg:maven/org.yaml/snakeyaml@1.13

purl pkg:maven/org.yaml/snakeyaml@1.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.13

url pkg:maven/org.yaml/snakeyaml@1.14

purl pkg:maven/org.yaml/snakeyaml@1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.14

url pkg:maven/org.yaml/snakeyaml@1.15

purl pkg:maven/org.yaml/snakeyaml@1.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.15

url pkg:maven/org.yaml/snakeyaml@1.16

purl pkg:maven/org.yaml/snakeyaml@1.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.16

url pkg:maven/org.yaml/snakeyaml@1.17

purl pkg:maven/org.yaml/snakeyaml@1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.17

url pkg:maven/org.yaml/snakeyaml@1.18

purl pkg:maven/org.yaml/snakeyaml@1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.18

url pkg:maven/org.yaml/snakeyaml@1.19

purl pkg:maven/org.yaml/snakeyaml@1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.19

url pkg:maven/org.yaml/snakeyaml@1.20

purl pkg:maven/org.yaml/snakeyaml@1.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.20

url pkg:maven/org.yaml/snakeyaml@1.21

purl pkg:maven/org.yaml/snakeyaml@1.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.21

url pkg:maven/org.yaml/snakeyaml@1.22

purl pkg:maven/org.yaml/snakeyaml@1.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.22

url pkg:maven/org.yaml/snakeyaml@1.23

purl pkg:maven/org.yaml/snakeyaml@1.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.23

url pkg:maven/org.yaml/snakeyaml@1.24

purl pkg:maven/org.yaml/snakeyaml@1.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.24

url pkg:maven/org.yaml/snakeyaml@1.25

purl pkg:maven/org.yaml/snakeyaml@1.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d22y-27n1-nkdb

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.25

url pkg:maven/org.yaml/snakeyaml@1.26

purl pkg:maven/org.yaml/snakeyaml@1.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.26

url pkg:maven/org.yaml/snakeyaml@1.27

purl pkg:maven/org.yaml/snakeyaml@1.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.27

url pkg:maven/org.yaml/snakeyaml@1.28

purl pkg:maven/org.yaml/snakeyaml@1.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.28

url pkg:maven/org.yaml/snakeyaml@1.29

purl pkg:maven/org.yaml/snakeyaml@1.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.29

url pkg:maven/org.yaml/snakeyaml@1.30

purl pkg:maven/org.yaml/snakeyaml@1.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.30

url pkg:maven/org.yaml/snakeyaml@1.31

purl pkg:maven/org.yaml/snakeyaml@1.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.31

url pkg:maven/org.yaml/snakeyaml@1.32

purl pkg:maven/org.yaml/snakeyaml@1.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.32

url pkg:maven/org.yaml/snakeyaml@1.33

purl pkg:maven/org.yaml/snakeyaml@1.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.33

url pkg:rpm/redhat/candlepin@4.2.13-1?arch=el8sat

purl pkg:rpm/redhat/candlepin@4.2.13-1?arch=el8sat

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4vx9-twgz-xbcs

vulnerability	VCID-6r2h-5gfg-wfgq

vulnerability	VCID-92cp-kc76-5yfu

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/candlepin@4.2.13-1%3Farch=el8sat

url pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-5awv-7w7c-sfgn

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-aauw-24tq-nfdc

vulnerability	VCID-gygt-yqzu-tqgd

vulnerability	VCID-mpz4-6qzq-9ycm

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-wauh-sfrw-mbff

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4n15-13mm-sqfr

vulnerability	VCID-5awv-7w7c-sfgn

vulnerability	VCID-7zr2-u3f1-jqd1

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-9wy4-n4u7-pycp

vulnerability	VCID-aauw-24tq-nfdc

vulnerability	VCID-dach-1bmd-67eb

vulnerability	VCID-djr3-bksw-ruc5

vulnerability	VCID-e865-k4uj-u7dc

vulnerability	VCID-gygt-yqzu-tqgd

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-wauh-sfrw-mbff

vulnerability	VCID-yn5b-b6qq-xffs

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-5awv-7w7c-sfgn

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-aauw-24tq-nfdc

vulnerability	VCID-gygt-yqzu-tqgd

vulnerability	VCID-mpz4-6qzq-9ycm

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-wauh-sfrw-mbff

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-5awv-7w7c-sfgn

vulnerability	VCID-aauw-24tq-nfdc

vulnerability	VCID-gygt-yqzu-tqgd

vulnerability	VCID-mpz4-6qzq-9ycm

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-wauh-sfrw-mbff

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5awv-7w7c-sfgn

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-aauw-24tq-nfdc

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-wauh-sfrw-mbff

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el8eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el8eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-87j6-anzh-2uf1

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-wdvr-ddjy-27as

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el8eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-87j6-anzh-2uf1

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-wdvr-ddjy-27as

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el9eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el9eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-87j6-anzh-2uf1

vulnerability	VCID-kde4-epw8-w7c8

vulnerability	VCID-wdvr-ddjy-27as

vulnerability	VCID-wujp-7kc4-2ycb

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el9eap

url pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hvx-2h1t-n7hj

vulnerability	VCID-24zg-76th-b7a9

vulnerability	VCID-282p-1cbn-1ydr

vulnerability	VCID-2ef9-4t7c-9kd6

vulnerability	VCID-2gbh-nhbd-vyb3

vulnerability	VCID-44sb-6uzy-3be8

vulnerability	VCID-6edu-x9e7-mqg4

vulnerability	VCID-6fdz-pavg-uydu

vulnerability	VCID-79jf-4v34-5feg

vulnerability	VCID-8drq-ax12-d7h5

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-kshy-a9qd-9ue3

vulnerability	VCID-pae5-c62h-q7a9

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-r8x8-fygj-77bn

vulnerability	VCID-udcj-gpwk-uudj

vulnerability	VCID-vftd-1z64-mba7

vulnerability	VCID-vm4d-svqb-dfh6

vulnerability	VCID-vyvx-hyzd-zkan

vulnerability	VCID-wbwg-kc2b-4qhc

vulnerability	VCID-xsy5-wuvz-juh6

vulnerability	VCID-yw72-1mwb-bqdc

vulnerability	VCID-zpc9-qmnr-ckga

vulnerability	VCID-zwkg-gh5x-t7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.10.1675407676-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.10.1675407676-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.10.1675407676-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-282p-1cbn-1ydr

vulnerability	VCID-2ef9-4t7c-9kd6

vulnerability	VCID-2gbh-nhbd-vyb3

vulnerability	VCID-6edu-x9e7-mqg4

vulnerability	VCID-6js7-4nr1-tfe9

vulnerability	VCID-767j-pk7s-sfdd

vulnerability	VCID-79jf-4v34-5feg

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-hhvt-b749-rub6

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-udcj-gpwk-uudj

vulnerability	VCID-ueg1-ww9r-u7gm

vulnerability	VCID-vm4d-svqb-dfh6

vulnerability	VCID-vyvx-hyzd-zkan

vulnerability	VCID-wrx9-uc8e-9fch

vulnerability	VCID-xsy5-wuvz-juh6

vulnerability	VCID-yw72-1mwb-bqdc

vulnerability	VCID-zpc9-qmnr-ckga

vulnerability	VCID-zwkg-gh5x-t7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.11.1698299029-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.11.1698299029-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6js7-4nr1-tfe9

vulnerability	VCID-ggkj-1b25-kyb9

vulnerability	VCID-hhvt-b749-rub6

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-ueg1-ww9r-u7gm

vulnerability	VCID-wrx9-uc8e-9fch

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1698299029-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.11.1706516946-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.11.1706516946-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6js7-4nr1-tfe9

vulnerability	VCID-6xxy-hbns-muak

vulnerability	VCID-hhvt-b749-rub6

vulnerability	VCID-ts5d-j1mw-dqbg

vulnerability	VCID-ueg1-ww9r-u7gm

vulnerability	VCID-wrx9-uc8e-9fch

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1706516946-1%3Farch=el8

url pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-9?arch=el8_7

purl pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-9?arch=el8_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-9%3Farch=el8_7

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el9sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-486s-u7j8-83e2

vulnerability	VCID-4ue8-9kcp-uqah

vulnerability	VCID-6bhd-zdh5-5qgz

vulnerability	VCID-6m6w-vs31-byea

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-ejyg-88gf-sfbh

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-fh9y-kdy5-guau

vulnerability	VCID-g5u6-4zxh-8ucn

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-jp51-ftxv-4ud9

vulnerability	VCID-kufg-z717-b7hm

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-p8q4-rr16-6ycg

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-pn4q-88ty-pbay

vulnerability	VCID-qvs4-a8b6-2uht

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-s53x-qyc6-bfcn

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-tyy7-1dkf-uufg

vulnerability	VCID-v2tp-rt89-6ydw

vulnerability	VCID-v9w8-12zc-9ycn

vulnerability	VCID-vnt9-r111-33h3

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-yb9d-mbgp-dfam

vulnerability	VCID-zha3-5yra-sfae

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-486s-u7j8-83e2

vulnerability	VCID-4ue8-9kcp-uqah

vulnerability	VCID-6bhd-zdh5-5qgz

vulnerability	VCID-6m6w-vs31-byea

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-ejyg-88gf-sfbh

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-fh9y-kdy5-guau

vulnerability	VCID-g5u6-4zxh-8ucn

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-jp51-ftxv-4ud9

vulnerability	VCID-kufg-z717-b7hm

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-p8q4-rr16-6ycg

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-pn4q-88ty-pbay

vulnerability	VCID-qvs4-a8b6-2uht

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-s53x-qyc6-bfcn

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-tyy7-1dkf-uufg

vulnerability	VCID-v2tp-rt89-6ydw

vulnerability	VCID-v9w8-12zc-9ycn

vulnerability	VCID-vnt9-r111-33h3

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-yb9d-mbgp-dfam

vulnerability	VCID-zha3-5yra-sfae

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el7sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el8sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el8sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b3e-49vk-27h2

vulnerability	VCID-486s-u7j8-83e2

vulnerability	VCID-4ue8-9kcp-uqah

vulnerability	VCID-6bhd-zdh5-5qgz

vulnerability	VCID-6m6w-vs31-byea

vulnerability	VCID-8ra7-fpsb-5ye8

vulnerability	VCID-9gek-hwbv-87hc

vulnerability	VCID-c2nr-hks8-4qg1

vulnerability	VCID-ejyg-88gf-sfbh

vulnerability	VCID-f9a3-vz93-zqcq

vulnerability	VCID-fh9y-kdy5-guau

vulnerability	VCID-g5u6-4zxh-8ucn

vulnerability	VCID-gvc5-rtu7-eueb

vulnerability	VCID-jp51-ftxv-4ud9

vulnerability	VCID-kufg-z717-b7hm

vulnerability	VCID-mdgs-etkz-abgd

vulnerability	VCID-p8q4-rr16-6ycg

vulnerability	VCID-pe9e-5tw4-rfbf

vulnerability	VCID-pn4q-88ty-pbay

vulnerability	VCID-qvs4-a8b6-2uht

vulnerability	VCID-rg6h-uhep-kyce

vulnerability	VCID-s53x-qyc6-bfcn

vulnerability	VCID-t2ns-jx1q-2fek

vulnerability	VCID-tyy7-1dkf-uufg

vulnerability	VCID-v2tp-rt89-6ydw

vulnerability	VCID-v9w8-12zc-9ycn

vulnerability	VCID-vnt9-r111-33h3

vulnerability	VCID-xvj8-jwkd-6ubd

vulnerability	VCID-yb9d-mbgp-dfam

vulnerability	VCID-zha3-5yra-sfae

vulnerability	VCID-zpc9-qmnr-ckga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el8sso

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1471

reference_id

reference_type

scores

value	0.93849
scoring_system	epss
scoring_elements	0.99876
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1471

reference_url

https://bitbucket.org/snakeyaml/snakeyaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-1471

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-1471

reference_url

https://security.netapp.com/advisory/ntap-20230818-0015

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230818-0015

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_url

https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471

reference_url

http://www.openwall.com/lists/oss-security/2023/11/19/1

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

http://www.openwall.com/lists/oss-security/2023/11/19/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2150009
reference_id	2150009
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2150009

reference_url

https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html

reference_id

cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html

reference_url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479

reference_id

cve-2022-1471-vulnerability-in#comment-64581479

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479

reference_url

https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c

reference_id

%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c

reference_url

https://github.com/advisories/GHSA-mjmj-j48q-9wg2

reference_id

GHSA-mjmj-j48q-9wg2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mjmj-j48q-9wg2

reference_url

https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2

reference_id

GHSA-mjmj-j48q-9wg2

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2

reference_url

https://github.com/mbechler/marshalsec

reference_id

marshalsec

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://github.com/mbechler/marshalsec

reference_url

https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

reference_id

marshalsec.pdf?raw=true

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc

reference_id

mwrakFaEdnc

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc

reference_url

https://security.netapp.com/advisory/ntap-20230818-0015/

reference_id

ntap-20230818-0015

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://security.netapp.com/advisory/ntap-20230818-0015/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_id

ntap-20240621-0006

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_url

http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html

reference_id

PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/

url

http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html

reference_url	https://access.redhat.com/errata/RHSA-2022:9032
reference_id	RHSA-2022:9032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9032

reference_url	https://access.redhat.com/errata/RHSA-2022:9058
reference_id	RHSA-2022:9058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9058

reference_url	https://access.redhat.com/errata/RHSA-2023:0697
reference_id	RHSA-2023:0697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0697

reference_url	https://access.redhat.com/errata/RHSA-2023:0758
reference_id	RHSA-2023:0758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0758

reference_url	https://access.redhat.com/errata/RHSA-2023:0777
reference_id	RHSA-2023:0777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0777

reference_url	https://access.redhat.com/errata/RHSA-2023:1006
reference_id	RHSA-2023:1006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1006

reference_url	https://access.redhat.com/errata/RHSA-2023:1043
reference_id	RHSA-2023:1043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1043

reference_url	https://access.redhat.com/errata/RHSA-2023:1044
reference_id	RHSA-2023:1044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1044

reference_url	https://access.redhat.com/errata/RHSA-2023:1045
reference_id	RHSA-2023:1045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1045

reference_url	https://access.redhat.com/errata/RHSA-2023:1047
reference_id	RHSA-2023:1047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1047

reference_url	https://access.redhat.com/errata/RHSA-2023:1049
reference_id	RHSA-2023:1049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1049

reference_url	https://access.redhat.com/errata/RHSA-2023:1512
reference_id	RHSA-2023:1512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1512

reference_url	https://access.redhat.com/errata/RHSA-2023:1513
reference_id	RHSA-2023:1513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1513

reference_url	https://access.redhat.com/errata/RHSA-2023:1514
reference_id	RHSA-2023:1514
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1514

reference_url	https://access.redhat.com/errata/RHSA-2023:1516
reference_id	RHSA-2023:1516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1516

reference_url	https://access.redhat.com/errata/RHSA-2023:2097
reference_id	RHSA-2023:2097
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2097

reference_url	https://access.redhat.com/errata/RHSA-2023:3198
reference_id	RHSA-2023:3198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3198

reference_url	https://access.redhat.com/errata/RHSA-2023:4612
reference_id	RHSA-2023:4612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4612

reference_url	https://access.redhat.com/errata/RHSA-2023:5165
reference_id	RHSA-2023:5165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5165

reference_url	https://access.redhat.com/errata/RHSA-2023:6171
reference_id	RHSA-2023:6171
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6171

reference_url	https://access.redhat.com/errata/RHSA-2023:7697
reference_id	RHSA-2023:7697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7697

reference_url	https://access.redhat.com/errata/RHSA-2024:0325
reference_id	RHSA-2024:0325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0325

reference_url	https://access.redhat.com/errata/RHSA-2024:0775
reference_id	RHSA-2024:0775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0775

reference_url	https://access.redhat.com/errata/RHSA-2024:1353
reference_id	RHSA-2024:1353
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1353

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

date_added	`null`
description	The PyTorch model server contains multiple vulnerabilities that can be chained together to permit an unauthenticated remote attacker arbitrary Java code execution. The first vulnerability is that the management interface is bound to all IP addresses and not just the loop back interface as the documentation suggests. The second vulnerability (CVE-2023-43654) allows attackers with access to the management interface to register MAR model files from arbitrary servers. The third vulnerability is that when an MAR file is loaded, it can contain a YAML configuration file that when deserialized by snakeyaml, can lead to loading an arbitrary Java class.
required_action	`null`
due_date	`null`
notes	Stability: - crash-safe SideEffects: - ioc-in-logs Reliability: - repeatable-session
known_ransomware_campaign_use	`false`
source_date_published	2023-10-03
exploit_type	`null`
platform	Java
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/torchserver_cve_2023_43654.rb

Severity_range_score 7.0 - 9.8

Exploitability 2.0

Weighted_severity 8.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpc9-qmnr-ckga

Vulnerability Instance