Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-d6hk-e64u-tbcj
Summary
File system access via H2 in Apache Ignite
Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem.
Aliases
0
alias CVE-2020-1963
1
alias GHSA-5wm5-8q42-rhxg
Fixed_packages
0
url pkg:maven/org.apache.ignite/ignite-core@2.8.1
purl pkg:maven/org.apache.ignite/ignite-core@2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.8.1
Affected_packages
0
url pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC1
purl pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC1
1
url pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC3
purl pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.0.0-RC3
2
url pkg:maven/org.apache.ignite/ignite-core@1.0.0
purl pkg:maven/org.apache.ignite/ignite-core@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.0.0
3
url pkg:maven/org.apache.ignite/ignite-core@1.1.0-incubating
purl pkg:maven/org.apache.ignite/ignite-core@1.1.0-incubating
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.1.0-incubating
4
url pkg:maven/org.apache.ignite/ignite-core@1.2.0-incubating
purl pkg:maven/org.apache.ignite/ignite-core@1.2.0-incubating
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.2.0-incubating
5
url pkg:maven/org.apache.ignite/ignite-core@1.3.0-incubating
purl pkg:maven/org.apache.ignite/ignite-core@1.3.0-incubating
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.3.0-incubating
6
url pkg:maven/org.apache.ignite/ignite-core@1.4.0
purl pkg:maven/org.apache.ignite/ignite-core@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.4.0
7
url pkg:maven/org.apache.ignite/ignite-core@1.5.0-b1
purl pkg:maven/org.apache.ignite/ignite-core@1.5.0-b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.5.0-b1
8
url pkg:maven/org.apache.ignite/ignite-core@1.5.0.final
purl pkg:maven/org.apache.ignite/ignite-core@1.5.0.final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.5.0.final
9
url pkg:maven/org.apache.ignite/ignite-core@1.6.0
purl pkg:maven/org.apache.ignite/ignite-core@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.6.0
10
url pkg:maven/org.apache.ignite/ignite-core@1.7.0
purl pkg:maven/org.apache.ignite/ignite-core@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.7.0
11
url pkg:maven/org.apache.ignite/ignite-core@1.8.0
purl pkg:maven/org.apache.ignite/ignite-core@1.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-66b8-a5kh-yfhw
2
vulnerability VCID-8xff-d5ab-bqgf
3
vulnerability VCID-d6hk-e64u-tbcj
4
vulnerability VCID-kxtv-ma18-8fer
5
vulnerability VCID-s8a4-9j7s-8fc8
6
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.8.0
12
url pkg:maven/org.apache.ignite/ignite-core@1.9.0
purl pkg:maven/org.apache.ignite/ignite-core@1.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-8xff-d5ab-bqgf
2
vulnerability VCID-d6hk-e64u-tbcj
3
vulnerability VCID-kxtv-ma18-8fer
4
vulnerability VCID-s8a4-9j7s-8fc8
5
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@1.9.0
13
url pkg:maven/org.apache.ignite/ignite-core@2.0.0
purl pkg:maven/org.apache.ignite/ignite-core@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16c2-gkg9-qbaj
1
vulnerability VCID-8xff-d5ab-bqgf
2
vulnerability VCID-d6hk-e64u-tbcj
3
vulnerability VCID-kxtv-ma18-8fer
4
vulnerability VCID-s8a4-9j7s-8fc8
5
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.0.0
14
url pkg:maven/org.apache.ignite/ignite-core@2.1.0
purl pkg:maven/org.apache.ignite/ignite-core@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8xff-d5ab-bqgf
1
vulnerability VCID-d6hk-e64u-tbcj
2
vulnerability VCID-kxtv-ma18-8fer
3
vulnerability VCID-s8a4-9j7s-8fc8
4
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.1.0
15
url pkg:maven/org.apache.ignite/ignite-core@2.2.0
purl pkg:maven/org.apache.ignite/ignite-core@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8xff-d5ab-bqgf
1
vulnerability VCID-d6hk-e64u-tbcj
2
vulnerability VCID-s8a4-9j7s-8fc8
3
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.2.0
16
url pkg:maven/org.apache.ignite/ignite-core@2.3.0
purl pkg:maven/org.apache.ignite/ignite-core@2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8xff-d5ab-bqgf
1
vulnerability VCID-d6hk-e64u-tbcj
2
vulnerability VCID-s8a4-9j7s-8fc8
3
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.3.0
17
url pkg:maven/org.apache.ignite/ignite-core@2.4.0
purl pkg:maven/org.apache.ignite/ignite-core@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-s8a4-9j7s-8fc8
2
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.4.0
18
url pkg:maven/org.apache.ignite/ignite-core@2.5.0
purl pkg:maven/org.apache.ignite/ignite-core@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-s8a4-9j7s-8fc8
2
vulnerability VCID-ykug-1dhq-tygt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.5.0
19
url pkg:maven/org.apache.ignite/ignite-core@2.6.0
purl pkg:maven/org.apache.ignite/ignite-core@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.6.0
20
url pkg:maven/org.apache.ignite/ignite-core@2.7.0
purl pkg:maven/org.apache.ignite/ignite-core@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.7.0
21
url pkg:maven/org.apache.ignite/ignite-core@2.7.5
purl pkg:maven/org.apache.ignite/ignite-core@2.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.7.5
22
url pkg:maven/org.apache.ignite/ignite-core@2.7.6
purl pkg:maven/org.apache.ignite/ignite-core@2.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.7.6
23
url pkg:maven/org.apache.ignite/ignite-core@2.8.0
purl pkg:maven/org.apache.ignite/ignite-core@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6hk-e64u-tbcj
1
vulnerability VCID-t38y-1dv8-b7av
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.ignite/ignite-core@2.8.0
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1963.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1963.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1963
reference_id
reference_type
scores
0
value 0.04667
scoring_system epss
scoring_elements 0.89427
published_at 2026-05-14T12:55:00Z
1
value 0.04667
scoring_system epss
scoring_elements 0.89277
published_at 2026-04-01T12:55:00Z
2
value 0.04667
scoring_system epss
scoring_elements 0.89282
published_at 2026-04-02T12:55:00Z
3
value 0.04667
scoring_system epss
scoring_elements 0.89296
published_at 2026-04-04T12:55:00Z
4
value 0.04667
scoring_system epss
scoring_elements 0.89299
published_at 2026-04-07T12:55:00Z
5
value 0.04667
scoring_system epss
scoring_elements 0.89316
published_at 2026-04-08T12:55:00Z
6
value 0.04667
scoring_system epss
scoring_elements 0.8932
published_at 2026-04-09T12:55:00Z
7
value 0.04667
scoring_system epss
scoring_elements 0.89329
published_at 2026-04-11T12:55:00Z
8
value 0.04667
scoring_system epss
scoring_elements 0.89327
published_at 2026-04-12T12:55:00Z
9
value 0.04667
scoring_system epss
scoring_elements 0.89323
published_at 2026-04-13T12:55:00Z
10
value 0.04667
scoring_system epss
scoring_elements 0.89337
published_at 2026-04-16T12:55:00Z
11
value 0.04667
scoring_system epss
scoring_elements 0.89336
published_at 2026-04-18T12:55:00Z
12
value 0.04667
scoring_system epss
scoring_elements 0.89331
published_at 2026-04-21T12:55:00Z
13
value 0.04667
scoring_system epss
scoring_elements 0.89349
published_at 2026-04-24T12:55:00Z
14
value 0.04667
scoring_system epss
scoring_elements 0.89353
published_at 2026-04-26T12:55:00Z
15
value 0.04667
scoring_system epss
scoring_elements 0.89356
published_at 2026-04-29T12:55:00Z
16
value 0.04667
scoring_system epss
scoring_elements 0.89366
published_at 2026-05-05T12:55:00Z
17
value 0.04667
scoring_system epss
scoring_elements 0.89384
published_at 2026-05-07T12:55:00Z
18
value 0.04667
scoring_system epss
scoring_elements 0.89397
published_at 2026-05-09T12:55:00Z
19
value 0.04667
scoring_system epss
scoring_elements 0.89395
published_at 2026-05-11T12:55:00Z
20
value 0.04667
scoring_system epss
scoring_elements 0.89406
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1963
2
reference_url https://lists.apache.org/thread.html/r119024ef71c8d39f952df0950a275d09714715179aff544aea0129a3@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r119024ef71c8d39f952df0950a275d09714715179aff544aea0129a3@%3Cuser.ignite.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67@%3Cdev.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd43ae18588fd7bdb375be63bc95a651aab319ced6306759e1237ce67@%3Cdev.ignite.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rdf37011b92a31a67c299ff45655e2638f194fc814e5c6e2fde352884@%3Cdev.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdf37011b92a31a67c299ff45655e2638f194fc814e5c6e2fde352884@%3Cdev.ignite.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rdf37011b92a31a67c299ff45655e2638f194fc814e5c6e2fde352884@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdf37011b92a31a67c299ff45655e2638f194fc814e5c6e2fde352884@%3Cuser.ignite.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cdev.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cdev.ignite.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cuser.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re7b43cf8333ee30b6589e465f72a6ed4a082222612d1a0fdd30beb94@%3Cuser.ignite.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755@%3Cdev.ignite.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf032a13a4711f88c0a2c0734eecbee1026cc1b6cde27d16a653f8755@%3Cdev.ignite.apache.org%3E
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1963
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1963
11
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
12
reference_url http://www.openwall.com/lists/oss-security/2020/06/03/2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/06/03/2
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1847145
reference_id 1847145
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1847145
14
reference_url https://github.com/advisories/GHSA-5wm5-8q42-rhxg
reference_id GHSA-5wm5-8q42-rhxg
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5wm5-8q42-rhxg
Weaknesses
0
cwe_id 862
name Missing Authorization
description The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
1
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-d6hk-e64u-tbcj