[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-0401":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":62,"aliases":63,"duplicate_of":9,"upstream":64,"downstream":65,"duplicates":88,"related":89,"reserved_at":9,"published_at":91,"modified_at":92,"state":93,"summary":94,"references_raw":103,"kevs":246,"epss":247,"epss_history":250,"metrics":501,"affected":504},"CVE-2013-0401","The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013.  NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-94","Improper Control of Generation of Code ('Code Injection')","The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","weakness","Draft","Base","Medium",[20,24,58],{"id":21,"name":22,"techniques":23},"CAPEC-242","Code Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[28,39,46],{"id":29,"name":30,"tactics":31,"countermeasures":38},"T1027.006","HTML Smuggling",[32,35],{"id":33,"name":34},"TA0030","Defense Evasion",{"id":36,"name":37},"TA0005","Stealth",[],{"id":40,"name":41,"tactics":42,"countermeasures":45},"T1027.009","Embedded Payloads",[43,44],{"id":33,"name":34},{"id":36,"name":37},[],{"id":47,"name":48,"tactics":49,"countermeasures":52},"T1564.009","Resource Forking",[50,51],{"id":33,"name":34},{"id":36,"name":37},[53],{"id":54,"name":55,"tactic":56},"D3-FFV","File Format Verification",{"name":57},"Isolate",{"id":59,"name":60,"techniques":61},"CAPEC-77","Manipulating User-Controlled Variables",[],[],[],[],[66,68,70,72,74,76,78,80,82,84,86],{"_key":67},"RHSA-2013:0758",{"_key":69},"RHSA-2013:0770",{"_key":71},"OPENSUSE-SU-2024:10534-1",{"_key":73},"RHSA-2013:0751",{"_key":75},"RHSA-2013:0752",{"_key":77},"RHSA-2013:0757",{"_key":79},"RHSA-2013:0822",{"_key":81},"RHSA-2013:0823",{"_key":83},"RHSA-2013:0855",{"_key":85},"RHSA-2013:1455",{"_key":87},"RHSA-2013:1456",[],[90],{"_key":71},"2013-03-08T18:00:00.000Z","2024-08-06T14:25:09.984Z","Modified",{"cisa_kev":95,"cisa_ransomware":95,"cisa_vendor":9,"epss_severity":96,"epss_score":97,"severity":98,"severity_score":99,"severity_version":100,"severity_source":101,"severity_vector":102,"severity_status":93},false,"medium",0.10134,"high",10,"v2.0","nvd","AV:N/AC:L/Au:N/C:C/I:C/A:C",[104,111,116,122,126,131,136,143,148,153,157,161,165,169,173,177,181,185,190,194,198,203,210,214,218,222,226,230,234,238,242],{"url":105,"sources":106,"tags":108},"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html",[107,101],"cve.org",[109,110],"Vendor Advisory","X Refsource SUSE",{"url":112,"sources":113,"tags":114},"http://security.gentoo.org/glsa/glsa-201406-32.xml",[107,101],[109,115],"X Refsource GENTOO",{"url":117,"sources":118,"tags":119},"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html",[107,101],[120,121],"Mailing List","X Refsource MLIST",{"url":123,"sources":124,"tags":125},"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html",[107,101],[109,110],{"url":127,"sources":128,"tags":129},"http://rhn.redhat.com/errata/RHSA-2013-0758.html",[107,101],[109,130],"X Refsource REDHAT",{"url":132,"sources":133,"tags":134},"http://www.mandriva.com/security/advisories?name=MDVSA-2013:145",[107,101],[109,135],"X Refsource MANDRIVA",{"url":137,"sources":138,"tags":139},"http://www.us-cert.gov/ncas/alerts/TA13-107A",[107,101],[140,141,142],"Third Party Advisory","X Refsource CERT","US Government Resource",{"url":144,"sources":145,"tags":146},"http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",[107,101],[147],"X Refsource CONFIRM",{"url":149,"sources":150,"tags":151},"http://marc.info/?l=bugtraq&m=137283787217316&w=2",[107,101],[109,152],"X Refsource HP",{"url":154,"sources":155,"tags":156},"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",[107,101],[147],{"url":158,"sources":159,"tags":160},"http://rhn.redhat.com/errata/RHSA-2013-1455.html",[107,101],[109,130],{"url":162,"sources":163,"tags":164},"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880",[107,101],[109,152],{"url":166,"sources":167,"tags":168},"http://rhn.redhat.com/errata/RHSA-2013-0757.html",[107,101],[109,130],{"url":170,"sources":171,"tags":172},"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",[107,101],[147],{"url":174,"sources":175,"tags":176},"http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html",[107,101],[109,110],{"url":178,"sources":179,"tags":180},"http://www.mandriva.com/security/advisories?name=MDVSA-2013:161",[107,101],[109,135],{"url":182,"sources":183,"tags":184},"http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html",[107,101],[109,110],{"url":186,"sources":187,"tags":188},"http://www.zdnet.com/pwn2own-down-go-all-the-browsers-7000012283/",[107,101],[189],"X Refsource MISC",{"url":191,"sources":192,"tags":193},"http://rhn.redhat.com/errata/RHSA-2013-0752.html",[107,101],[109,130],{"url":195,"sources":196,"tags":197},"https://twitter.com/thezdi/status/309784608508100608",[107,101],[189],{"url":199,"sources":200,"tags":201},"http://www.ubuntu.com/usn/USN-1806-1",[107,101],[109,202],"X Refsource UBUNTU",{"url":204,"sources":205,"tags":206},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16297",[107,101],[207,208,209],"VDB Entry","Signature","X Refsource OVAL",{"url":211,"sources":212,"tags":213},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19641",[107,101],[207,208,209],{"url":215,"sources":216,"tags":217},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19463",[107,101],[207,208,209],{"url":219,"sources":220,"tags":221},"https://bugzilla.redhat.com/show_bug.cgi?id=920245",[107,101],[189],{"url":223,"sources":224,"tags":225},"http://rhn.redhat.com/errata/RHSA-2013-1456.html",[107,101],[109,130],{"url":227,"sources":228,"tags":229},"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html",[107,101],[109,110],{"url":231,"sources":232,"tags":233},"http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/31c782610044",[107,101],[189],{"url":235,"sources":236,"tags":237},"http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",[107,101],[147],{"url":239,"sources":240,"tags":241},"http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",[107,101],[147],{"url":243,"sources":244,"tags":245},"http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157",[107,101],[189],[],{"date":248,"score":97,"percentile":249},"2026-06-04",0.93237,[251,255,258,261,264,267,270,272,275,278,281,284,286,289,292,295,298,301,304,306,309,312,315,317,319,322,325,327,330,333,336,338,341,343,346,349,352,355,358,361,363,366,369,372,375,378,381,384,386,388,391,393,396,399,402,405,408,411,413,416,419,422,424,426,428,431,434,437,439,441,444,446,449,452,455,458,461,464,467,470,473,476,479,482,485,488,491,494,496,498],{"date":252,"score":253,"percentile":254},"2025-11-04",0.1295,0.93752,{"date":256,"score":253,"percentile":257},"2025-11-05",0.93751,{"date":259,"score":253,"percentile":260},"2025-11-06",0.93755,{"date":262,"score":253,"percentile":263},"2025-11-07",0.93758,{"date":265,"score":253,"percentile":266},"2025-11-08",0.9376,{"date":268,"score":253,"percentile":269},"2025-11-09",0.93759,{"date":271,"score":253,"percentile":266},"2025-11-10",{"date":273,"score":253,"percentile":274},"2025-11-11",0.93762,{"date":276,"score":253,"percentile":277},"2025-11-12",0.93768,{"date":279,"score":253,"percentile":280},"2025-11-13",0.93769,{"date":282,"score":253,"percentile":283},"2025-11-14",0.93772,{"date":285,"score":253,"percentile":280},"2025-11-15",{"date":287,"score":253,"percentile":288},"2025-11-16",0.93773,{"date":290,"score":253,"percentile":291},"2025-11-17",0.93771,{"date":293,"score":253,"percentile":294},"2025-11-18",0.93403,{"date":296,"score":253,"percentile":297},"2025-11-19",0.93406,{"date":299,"score":253,"percentile":300},"2025-11-20",0.93413,{"date":302,"score":253,"percentile":303},"2025-11-21",0.9378,{"date":305,"score":253,"percentile":303},"2025-11-22",{"date":307,"score":253,"percentile":308},"2025-11-23",0.93786,{"date":310,"score":253,"percentile":311},"2025-11-24",0.93789,{"date":313,"score":253,"percentile":314},"2025-11-25",0.9379,{"date":316,"score":253,"percentile":311},"2025-11-26",{"date":318,"score":253,"percentile":314},"2025-11-27",{"date":320,"score":253,"percentile":321},"2025-11-28",0.93783,{"date":323,"score":253,"percentile":324},"2025-11-29",0.93788,{"date":326,"score":253,"percentile":324},"2025-11-30",{"date":328,"score":253,"percentile":329},"2025-12-01",0.93832,{"date":331,"score":253,"percentile":332},"2025-12-02",0.93834,{"date":334,"score":253,"percentile":335},"2025-12-03",0.93835,{"date":337,"score":253,"percentile":324},"2025-12-04",{"date":339,"score":253,"percentile":340},"2025-12-05",0.93792,{"date":342,"score":253,"percentile":340},"2025-12-06",{"date":344,"score":253,"percentile":345},"2025-12-07",0.93791,{"date":347,"score":253,"percentile":348},"2025-12-08",0.93793,{"date":350,"score":253,"percentile":351},"2025-12-09",0.93798,{"date":353,"score":253,"percentile":354},"2025-12-10",0.93804,{"date":356,"score":253,"percentile":357},"2025-12-11",0.93808,{"date":359,"score":253,"percentile":360},"2025-12-12",0.93809,{"date":362,"score":253,"percentile":357},"2025-12-13",{"date":364,"score":253,"percentile":365},"2025-12-14",0.93807,{"date":367,"score":253,"percentile":368},"2025-12-15",0.9381,{"date":370,"score":253,"percentile":371},"2025-12-16",0.93813,{"date":373,"score":253,"percentile":374},"2025-12-17",0.93818,{"date":376,"score":253,"percentile":377},"2025-12-18",0.93822,{"date":379,"score":253,"percentile":380},"2025-12-19",0.93821,{"date":382,"score":253,"percentile":383},"2025-12-20",0.9382,{"date":385,"score":253,"percentile":380},"2025-12-21",{"date":387,"score":253,"percentile":383},"2025-12-22",{"date":389,"score":253,"percentile":390},"2025-12-23",0.93819,{"date":392,"score":253,"percentile":377},"2025-12-24",{"date":394,"score":253,"percentile":395},"2025-12-25",0.93831,{"date":397,"score":253,"percentile":398},"2025-12-26",0.93829,{"date":400,"score":253,"percentile":401},"2025-12-27",0.93877,{"date":403,"score":253,"percentile":404},"2025-12-28",0.93825,{"date":406,"score":253,"percentile":407},"2025-12-29",0.93823,{"date":409,"score":253,"percentile":410},"2025-12-30",0.93826,{"date":412,"score":253,"percentile":395},"2025-12-31",{"date":414,"score":253,"percentile":415},"2026-01-01",0.93874,{"date":417,"score":253,"percentile":418},"2026-01-02",0.93869,{"date":420,"score":253,"percentile":421},"2026-01-03",0.93867,{"date":423,"score":253,"percentile":410},"2026-01-04",{"date":425,"score":253,"percentile":407},"2026-01-05",{"date":427,"score":253,"percentile":407},"2026-01-06",{"date":429,"score":253,"percentile":430},"2026-01-07",0.93824,{"date":432,"score":253,"percentile":433},"2026-01-08",0.93827,{"date":435,"score":253,"percentile":436},"2026-01-09",0.9383,{"date":438,"score":253,"percentile":329},"2026-01-10",{"date":440,"score":253,"percentile":436},"2026-01-11",{"date":442,"score":253,"percentile":443},"2026-01-12",0.93828,{"date":445,"score":253,"percentile":443},"2026-01-13",{"date":447,"score":253,"percentile":448},"2026-01-14",0.93837,{"date":450,"score":253,"percentile":451},"2026-01-15",0.93838,{"date":453,"score":253,"percentile":454},"2026-01-16",0.93842,{"date":456,"score":253,"percentile":457},"2026-01-17",0.93847,{"date":459,"score":253,"percentile":460},"2026-01-18",0.93843,{"date":462,"score":97,"percentile":463},"2026-01-19",0.92879,{"date":465,"score":97,"percentile":466},"2026-01-20",0.92881,{"date":468,"score":97,"percentile":469},"2026-01-21",0.92887,{"date":471,"score":97,"percentile":472},"2026-01-22",0.92891,{"date":474,"score":97,"percentile":475},"2026-01-23",0.92895,{"date":477,"score":97,"percentile":478},"2026-01-24",0.929,{"date":480,"score":97,"percentile":481},"2026-01-25",0.92901,{"date":483,"score":97,"percentile":484},"2026-01-26",0.92902,{"date":486,"score":97,"percentile":487},"2026-01-27",0.92906,{"date":489,"score":97,"percentile":490},"2026-01-28",0.92908,{"date":492,"score":97,"percentile":493},"2026-01-29",0.92907,{"date":495,"score":97,"percentile":493},"2026-01-30",{"date":497,"score":97,"percentile":490},"2026-01-31",{"date":499,"score":97,"percentile":500},"2026-02-01",0.92947,[502],{"source":101,"cvss_v2_0":503,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":99,"baseSeverity":9,"vectorString":102,"impactScore":99,"exploitabilityScore":99},[505,513],{"ecosystem":9,"name":506,"vendor":507,"product":506,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"jdk","oracle","a",[510],{"version":511,"is_range":95,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.7.0:update17","cpe",{"ecosystem":9,"name":514,"vendor":507,"product":514,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":515},"jre",[516],{"version":511,"is_range":95,"range_type":512,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]