Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5kns-j1rv-9ybf

Summary The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.

Aliases

alias	CVE-2021-42392

Fixed_packages

url pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1

purl pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-sw4g-uf26-m3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1

url	pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1
purl	pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1

url	pkg:deb/debian/h2database@2.1.210-1?distro=trixie
purl	pkg:deb/debian/h2database@2.1.210-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.210-1%3Fdistro=trixie

url	pkg:deb/debian/h2database@2.1.214-1?distro=trixie
purl	pkg:deb/debian/h2database@2.1.214-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.214-1%3Fdistro=trixie

url	pkg:deb/debian/h2database@2.2.220-1?distro=trixie
purl	pkg:deb/debian/h2database@2.2.220-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.2.220-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/h2database@1.4.193-1

purl pkg:deb/debian/h2database@1.4.193-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-sw4g-uf26-m3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.193-1

url pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1

purl pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-sw4g-uf26-m3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1

url pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-sw4g-uf26-m3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el8eap

purl pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el8eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-sw4g-uf26-m3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el8eap

url pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-r94a-3fq2-efdg

vulnerability	VCID-uumb-j4ue-fbfe

vulnerability	VCID-w1c4-c4xs-yba4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-az78-umjq-z3bc

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-r94a-3fq2-efdg

vulnerability	VCID-uumb-j4ue-fbfe

vulnerability	VCID-w1c4-c4xs-yba4

vulnerability	VCID-yywj-jh4h-qbhw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

vulnerability	VCID-yywj-jh4h-qbhw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-az78-umjq-z3bc

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-r94a-3fq2-efdg

vulnerability	VCID-uumb-j4ue-fbfe

vulnerability	VCID-w1c4-c4xs-yba4

vulnerability	VCID-yywj-jh4h-qbhw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-az78-umjq-z3bc

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8n99-buv5-wkes

vulnerability	VCID-d2hp-jmtk-kfb9

vulnerability	VCID-e9hn-47hj-jbbc

vulnerability	VCID-hm4x-n9xk-ckes

vulnerability	VCID-m99z-sjft-8fbs

vulnerability	VCID-nbdw-rgrx-bkeb

vulnerability	VCID-r4xe-h69g-vfhk

vulnerability	VCID-uumb-j4ue-fbfe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso

purl pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dxq-vw4d-jfhq

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-r9dc-6tk9-qkeh

vulnerability	VCID-tqvr-tetp-8ugb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-5%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7?arch=el9sso

purl pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dxq-vw4d-jfhq

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-tqvr-tetp-8ugb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el7sso

purl pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el7sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-kfxs-f5j7-mfhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el7sso

url pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el8sso

purl pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el8sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-kfxs-f5j7-mfhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el8sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dxq-vw4d-jfhq

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-r9dc-6tk9-qkeh

vulnerability	VCID-tqvr-tetp-8ugb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dxq-vw4d-jfhq

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-r9dc-6tk9-qkeh

vulnerability	VCID-tqvr-tetp-8ugb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el8sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3dxq-vw4d-jfhq

vulnerability	VCID-5kns-j1rv-9ybf

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-8sqn-nkzx-euec

vulnerability	VCID-8ze1-r95u-xbg8

vulnerability	VCID-9evr-uk2w-ayg6

vulnerability	VCID-ag7u-zdts-2qb1

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-r9dc-6tk9-qkeh

vulnerability	VCID-tqvr-tetp-8ugb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el7sso

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42392

reference_id

reference_type

scores

value	0.90592
scoring_system	epss
scoring_elements	0.99632
published_at	2026-06-04T12:55:00Z

value	0.90592
scoring_system	epss
scoring_elements	0.99633
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894
reference_id	1003894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2039403
reference_id	2039403
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2039403

reference_url	https://access.redhat.com/errata/RHSA-2022:1013
reference_id	RHSA-2022:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1013

reference_url	https://access.redhat.com/errata/RHSA-2022:4918
reference_id	RHSA-2022:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4918

reference_url	https://access.redhat.com/errata/RHSA-2022:4919
reference_id	RHSA-2022:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4919

reference_url	https://access.redhat.com/errata/RHSA-2022:4922
reference_id	RHSA-2022:4922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4922

reference_url	https://access.redhat.com/errata/RHSA-2022:6782
reference_id	RHSA-2022:6782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6782

reference_url	https://access.redhat.com/errata/RHSA-2022:6783
reference_id	RHSA-2022:6783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6783

reference_url	https://access.redhat.com/errata/RHSA-2022:6787
reference_id	RHSA-2022:6787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6787

reference_url	https://access.redhat.com/errata/RHSA-2022:7409
reference_id	RHSA-2022:7409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7409

reference_url	https://access.redhat.com/errata/RHSA-2022:7410
reference_id	RHSA-2022:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7410

reference_url	https://access.redhat.com/errata/RHSA-2022:7411
reference_id	RHSA-2022:7411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7411

reference_url	https://access.redhat.com/errata/RHSA-2022:7417
reference_id	RHSA-2022:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7417

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

reference_url	https://usn.ubuntu.com/5365-1/
reference_id	USN-5365-1
reference_type
scores
url	https://usn.ubuntu.com/5365-1/

reference_url	https://usn.ubuntu.com/6834-1/
reference_id	USN-6834-1
reference_type
scores
url	https://usn.ubuntu.com/6834-1/

Weaknesses

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

Exploits

Severity_range_score 9.8 - 9.8

Exploitability 2.0

Weighted_severity 8.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kns-j1rv-9ybf

Vulnerability Instance