Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-std1-uc1d-cyg6
Vulnerability ID VCID-std1-uc1d-cyg6
Aliases CVE-2021-29506
GHSA-hf44-3mx6-vhhw
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-400 Uncontrolled Resource Consumption
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00376 https://api.first.org/data/v1/epss?cve=CVE-2021-29506
cvssv3.1 6.5 https://github.com/graphhopper/graphhopper/commit/eb189be1fa7443ebf4ae881e737a18f818c95f41
generic_textual MODERATE https://github.com/graphhopper/graphhopper/commit/eb189be1fa7443ebf4ae881e737a18f818c95f41
cvssv3.1 6.5 https://github.com/graphhopper/graphhopper/pull/2304
generic_textual MODERATE https://github.com/graphhopper/graphhopper/pull/2304
cvssv3.1 6.5 https://github.com/graphhopper/graphhopper/security/advisories/GHSA-hf44-3mx6-vhhw
generic_textual MODERATE https://github.com/graphhopper/graphhopper/security/advisories/GHSA-hf44-3mx6-vhhw
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-29506
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2021-29506
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-29506
https://github.com/graphhopper/graphhopper/commit/eb189be1fa7443ebf4ae881e737a18f818c95f41
https://github.com/graphhopper/graphhopper/pull/2304
https://github.com/graphhopper/graphhopper/security/advisories/GHSA-hf44-3mx6-vhhw
https://nvd.nist.gov/vuln/detail/CVE-2021-29506
GHSA-hf44-3mx6-vhhw https://github.com/advisories/GHSA-hf44-3mx6-vhhw
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/graphhopper/graphhopper/commit/eb189be1fa7443ebf4ae881e737a18f818c95f41
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/graphhopper/graphhopper/pull/2304
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/graphhopper/graphhopper/security/advisories/GHSA-hf44-3mx6-vhhw
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-29506
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.59593
EPSS Score 0.00376
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T02:00:16.703868+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0