Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/103191?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/103191?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.4.1-1.Final_redhat_00001.1?arch=el7eap", "type": "rpm", "namespace": "redhat", "name": "eap7-mod_cluster", "version": "1.4.1-1.Final_redhat_00001.1", "qualifiers": { "arch": "el7eap" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33846?format=api", "vulnerability_id": "VCID-5ske-cfcx-6fbw", "summary": "Denial of Service in Cryptacular\nCiphertextHeader.java in Cryptacular before 1.2.4, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7226.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87181", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87178", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.8717", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.8715", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87126", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87154", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03282", "scoring_system": "epss", "scoring_elements": "0.87137", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7226" }, { "reference_url": "https://github.com/apereo/cas/commit/8810f2b6c71d73341d4dde6b09a18eb46cfd6d45", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apereo/cas/commit/8810f2b6c71d73341d4dde6b09a18eb46cfd6d45" }, { "reference_url": "https://github.com/apereo/cas/commit/93b1c3e9d90e36a19d0fa0f6efb863c6f0235e75", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apereo/cas/commit/93b1c3e9d90e36a19d0fa0f6efb863c6f0235e75" }, { "reference_url": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f" }, { "reference_url": "https://github.com/apereo/cas/pull/4685", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apereo/cas/pull/4685" }, { "reference_url": "https://github.com/vt-middleware/cryptacular", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/blob/master/src/main/java/org/cryptacular/CiphertextHeader.java#L153", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/blob/master/src/main/java/org/cryptacular/CiphertextHeader.java#L153" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/commit/311baf12252abf21947afd07bf0a0291ec3ec796", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/commit/311baf12252abf21947afd07bf0a0291ec3ec796" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/commit/ec2fb65f2455c479376695e3d75d30c7f6884b3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/commit/ec2fb65f2455c479376695e3d75d30c7f6884b3f" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/issues/52", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/issues/52" }, { "reference_url": "https://github.com/vt-middleware/cryptacular/pull/56", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vt-middleware/cryptacular/pull/56" }, { "reference_url": "https://lists.apache.org/thread.html/r0847c7eb78c8f9e87d5b841fbd5da52b2ad4b4345e04b51c30621d88@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0847c7eb78c8f9e87d5b841fbd5da52b2ad4b4345e04b51c30621d88@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r209de85beae4d257d27fc577e3a3e97039bdb4c2dc6f4a8e5a5a5811@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r209de85beae4d257d27fc577e3a3e97039bdb4c2dc6f4a8e5a5a5811@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2237a27040b57adc2fcc5570bd530ad2038e67fcb2a3ce65283d3143@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2237a27040b57adc2fcc5570bd530ad2038e67fcb2a3ce65283d3143@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r380781f5b489cb3c818536cd3b3757e806bfe0bca188591e0051ac03@%3Ccommits.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r380781f5b489cb3c818536cd3b3757e806bfe0bca188591e0051ac03@%3Ccommits.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4a62133ad01d5f963755021027a4cce23f76b8674a13860d2978c7c8@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4a62133ad01d5f963755021027a4cce23f76b8674a13860d2978c7c8@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r77c48cd851f60833df9a9c9c31f12243508e15d1b2a0961066d44fc6@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r77c48cd851f60833df9a9c9c31f12243508e15d1b2a0961066d44fc6@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc36b75cabb4d700b48035d15ad8b8c2712bb32123572a1bdaec2510a@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc36b75cabb4d700b48035d15ad8b8c2712bb32123572a1bdaec2510a@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re04e4f8f0d095387fb6b0ff9016a0af8c93f42e1de93b09298bfa547@%3Ccommits.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re04e4f8f0d095387fb6b0ff9016a0af8c93f42e1de93b09298bfa547@%3Ccommits.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re7f46c4cc29a4616e0aa669c84a0eb34832e83a8eef05189e2e59b44@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re7f46c4cc29a4616e0aa669c84a0eb34832e83a8eef05189e2e59b44@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfa4647c58e375996e62a9094bffff6dc350ec311ba955b430e738945@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfa4647c58e375996e62a9094bffff6dc350ec311ba955b430e738945@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7226", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7226" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801380", "reference_id": "1801380", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801380" }, { "reference_url": "https://github.com/advisories/GHSA-x64g-4xx9-fh6x", "reference_id": "GHSA-x64g-4xx9-fh6x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x64g-4xx9-fh6x" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2112", "reference_id": "RHSA-2020:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" } ], "fixed_packages": [], "aliases": [ "CVE-2020-7226", "GHSA-x64g-4xx9-fh6x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ske-cfcx-6fbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33316?format=api", "vulnerability_id": "VCID-7x9r-v8nm-nbf7", "summary": "Improper Restriction of XML External Entity Reference in jackson-mapper-asl\nA flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar to CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10172.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10172.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68344", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.6839", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68296", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68299", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68279", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10172", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10172" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10172" }, { "reference_url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r04ecadefb27cda84b699130b11b96427f1d8a7a4066d8292f7f15ed8@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r04ecadefb27cda84b699130b11b96427f1d8a7a4066d8292f7f15ed8@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r04ecadefb27cda84b699130b11b96427f1d8a7a4066d8292f7f15ed8%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r04ecadefb27cda84b699130b11b96427f1d8a7a4066d8292f7f15ed8%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r08e1b73fabd986dcd2ddd7d09480504d1472264bed2f19b1d2002a9c@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r08e1b73fabd986dcd2ddd7d09480504d1472264bed2f19b1d2002a9c@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r08e1b73fabd986dcd2ddd7d09480504d1472264bed2f19b1d2002a9c%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r08e1b73fabd986dcd2ddd7d09480504d1472264bed2f19b1d2002a9c%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0d8c3e32a0a2d8a0b6118f5b3487d363afdda80c996d7b930097383d@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0d8c3e32a0a2d8a0b6118f5b3487d363afdda80c996d7b930097383d@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0d8c3e32a0a2d8a0b6118f5b3487d363afdda80c996d7b930097383d%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0d8c3e32a0a2d8a0b6118f5b3487d363afdda80c996d7b930097383d%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1cc8bce2cf3dfce08a64c4fa20bf38d33b56ad995cee2e382f522f83@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1cc8bce2cf3dfce08a64c4fa20bf38d33b56ad995cee2e382f522f83@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1cc8bce2cf3dfce08a64c4fa20bf38d33b56ad995cee2e382f522f83%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1cc8bce2cf3dfce08a64c4fa20bf38d33b56ad995cee2e382f522f83%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1f07e61b3ebabd3e5b4aa97bf1b26d98b793fdfa29a23dac60633f55@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1f07e61b3ebabd3e5b4aa97bf1b26d98b793fdfa29a23dac60633f55@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1f07e61b3ebabd3e5b4aa97bf1b26d98b793fdfa29a23dac60633f55%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1f07e61b3ebabd3e5b4aa97bf1b26d98b793fdfa29a23dac60633f55%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r21ac3570ce865b8f1e5d26e492aeb714a6aaa53a0c9a6f72ef181556@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r21ac3570ce865b8f1e5d26e492aeb714a6aaa53a0c9a6f72ef181556@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r21ac3570ce865b8f1e5d26e492aeb714a6aaa53a0c9a6f72ef181556%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r21ac3570ce865b8f1e5d26e492aeb714a6aaa53a0c9a6f72ef181556%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r33d25a342af84102903cd9dec8338a5bcba3ecfce10505bdfe793b92@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r33d25a342af84102903cd9dec8338a5bcba3ecfce10505bdfe793b92@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r33d25a342af84102903cd9dec8338a5bcba3ecfce10505bdfe793b92%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r33d25a342af84102903cd9dec8338a5bcba3ecfce10505bdfe793b92%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r385c35a7c6f4acaacf37fe22922bb8e2aed9d322d0fa6dc1d45acddb@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r385c35a7c6f4acaacf37fe22922bb8e2aed9d322d0fa6dc1d45acddb@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r385c35a7c6f4acaacf37fe22922bb8e2aed9d322d0fa6dc1d45acddb%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r385c35a7c6f4acaacf37fe22922bb8e2aed9d322d0fa6dc1d45acddb%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4176155240cdc36aad7869932d9c29551742c7fa630f209fb4a8e649@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4176155240cdc36aad7869932d9c29551742c7fa630f209fb4a8e649@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4176155240cdc36aad7869932d9c29551742c7fa630f209fb4a8e649%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4176155240cdc36aad7869932d9c29551742c7fa630f209fb4a8e649%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r43c6f75d203b8afc4fbd6c3200db0384a18a11c59d085b1a9bb0ccfe@%3Cuser.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r43c6f75d203b8afc4fbd6c3200db0384a18a11c59d085b1a9bb0ccfe@%3Cuser.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r43c6f75d203b8afc4fbd6c3200db0384a18a11c59d085b1a9bb0ccfe%40%3Cuser.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r43c6f75d203b8afc4fbd6c3200db0384a18a11c59d085b1a9bb0ccfe%40%3Cuser.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48a32f2dd6976d33f7a12b7e09ec7ea1895f8facba82b565587c28ac@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48a32f2dd6976d33f7a12b7e09ec7ea1895f8facba82b565587c28ac@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48a32f2dd6976d33f7a12b7e09ec7ea1895f8facba82b565587c28ac%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48a32f2dd6976d33f7a12b7e09ec7ea1895f8facba82b565587c28ac%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4bbfa1439d7a4e1712e260bfc3d90f7cf997abfd641cccde6432d4ab@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4bbfa1439d7a4e1712e260bfc3d90f7cf997abfd641cccde6432d4ab@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4bbfa1439d7a4e1712e260bfc3d90f7cf997abfd641cccde6432d4ab%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4bbfa1439d7a4e1712e260bfc3d90f7cf997abfd641cccde6432d4ab%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581%40%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581%40%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r634468eb3218ab02713128ff6f4818c618622b2b3de4d958138dde49@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r634468eb3218ab02713128ff6f4818c618622b2b3de4d958138dde49@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r634468eb3218ab02713128ff6f4818c618622b2b3de4d958138dde49%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r634468eb3218ab02713128ff6f4818c618622b2b3de4d958138dde49%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589%40%3Cissues.spark.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb036bf32e4dacc49335e3bdc1be8e53d6f54df692ac8e2251a6884bd@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb036bf32e4dacc49335e3bdc1be8e53d6f54df692ac8e2251a6884bd@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb036bf32e4dacc49335e3bdc1be8e53d6f54df692ac8e2251a6884bd%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb036bf32e4dacc49335e3bdc1be8e53d6f54df692ac8e2251a6884bd%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb8c09b14fd57d855dc21e0a037dc29258c2cbe9c1966bfff453a02e4@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb8c09b14fd57d855dc21e0a037dc29258c2cbe9c1966bfff453a02e4@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb8c09b14fd57d855dc21e0a037dc29258c2cbe9c1966bfff453a02e4%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb8c09b14fd57d855dc21e0a037dc29258c2cbe9c1966bfff453a02e4%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9%40%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9%40%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd27730cfc3066dfcf15927c8e800603728d5dedf17eee1f8c6e3507c@%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd27730cfc3066dfcf15927c8e800603728d5dedf17eee1f8c6e3507c@%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd27730cfc3066dfcf15927c8e800603728d5dedf17eee1f8c6e3507c%40%3Ccommon-issues.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd27730cfc3066dfcf15927c8e800603728d5dedf17eee1f8c6e3507c%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd3a34d663e2a25b9ab1e8a1a94712cd5f100f098578aec79af48161e@%3Ccommon-dev.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd3a34d663e2a25b9ab1e8a1a94712cd5f100f098578aec79af48161e@%3Ccommon-dev.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd3a34d663e2a25b9ab1e8a1a94712cd5f100f098578aec79af48161e%40%3Ccommon-dev.hadoop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd3a34d663e2a25b9ab1e8a1a94712cd5f100f098578aec79af48161e%40%3Ccommon-dev.hadoop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re07c51a8026c11e6e5513bfdc66d52d1c1027053e480fb8073356257@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re07c51a8026c11e6e5513bfdc66d52d1c1027053e480fb8073356257@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re07c51a8026c11e6e5513bfdc66d52d1c1027053e480fb8073356257%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re07c51a8026c11e6e5513bfdc66d52d1c1027053e480fb8073356257%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re646dcc2739d92117bf9a76a33c600ed3b65e8b4e9b6f441e366b72b@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re646dcc2739d92117bf9a76a33c600ed3b65e8b4e9b6f441e366b72b@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re646dcc2739d92117bf9a76a33c600ed3b65e8b4e9b6f441e366b72b%40%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re646dcc2739d92117bf9a76a33c600ed3b65e8b4e9b6f441e366b72b%40%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075", "reference_id": "1715075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:spark:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:spark:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:spark:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-mapper-asl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:fasterxml:jackson-mapper-asl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-mapper-asl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-r6j9-8759-g62w", "reference_id": "GHSA-r6j9-8759-g62w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r6j9-8759-g62w" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2112", "reference_id": "RHSA-2020:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3585", "reference_id": "RHSA-2020:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3779", "reference_id": "RHSA-2020:3779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "reference_url": "https://usn.ubuntu.com/4741-1/", "reference_id": "USN-4741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4741-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-10172", "GHSA-r6j9-8759-g62w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7x9r-v8nm-nbf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81591?format=api", "vulnerability_id": "VCID-7zwc-x1sz-6fc5", "summary": "Soteria: security identity corruption across concurrent threads", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1732.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1732.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32764", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32755", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1732" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", "reference_id": "1801726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" } ], "fixed_packages": [], "aliases": [ "CVE-2020-1732" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7zwc-x1sz-6fc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58699?format=api", "vulnerability_id": "VCID-dvxb-wu3m-xuaz", "summary": "Improper Authorization in Undertoe\nA file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.7035", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70362", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70379", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70358", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70403", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70442", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70428", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1745", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1745" }, { "reference_url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1745" }, { "reference_url": "https://www.cnvd.org.cn/webinfo/show/5415", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "reference_url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", "reference_id": "1807305", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807305" }, { "reference_url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "reference_id": "CVE-2020-1938-APACHE-TOMCAT-AJP-CONNECTOR-REMOTE-CODE-EXECUTION-VULNERABILITY-ALERT", "reference_type": "", "scores": [], "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "reference_url": "https://github.com/advisories/GHSA-gv2w-88hx-8m9r", "reference_id": "GHSA-gv2w-88hx-8m9r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gv2w-88hx-8m9r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0812", "reference_id": "RHSA-2020:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0813", "reference_id": "RHSA-2020:0813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0952", "reference_id": "RHSA-2020:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0961", "reference_id": "RHSA-2020:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0962", "reference_id": "RHSA-2020:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2367", "reference_id": "RHSA-2020:2367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3779", "reference_id": "RHSA-2020:3779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" } ], "fixed_packages": [], "aliases": [ "CVE-2020-1745", "GHSA-gv2w-88hx-8m9r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvxb-wu3m-xuaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34033?format=api", "vulnerability_id": "VCID-edja-kj1j-7kh5", "summary": "Private key leak in Apache CXF\nApache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter `rs.security.keystore.type` to `jwk`. For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. `oct` keys, which contain secret keys, are not returned at all.", "references": [ { "reference_url": "http://cxf.apache.org/security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://cxf.apache.org/security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12423.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12423.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12423", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78645", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78614", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78569", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78607", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78619", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78627", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12423" }, { "reference_url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd588ff96f18563aeb5f87ac8c6bce7aae86cb1a4d4be483f96e7208c@%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd588ff96f18563aeb5f87ac8c6bce7aae86cb1a4d4be483f96e7208c@%3Cannounce.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12423" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", "reference_id": "1797006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797006" }, { "reference_url": "https://github.com/advisories/GHSA-42f2-f9vc-6365", "reference_id": "GHSA-42f2-f9vc-6365", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-42f2-f9vc-6365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" } ], "fixed_packages": [], "aliases": [ "CVE-2019-12423", "GHSA-42f2-f9vc-6365" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-edja-kj1j-7kh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35668?format=api", "vulnerability_id": "VCID-k6c9-mckm-cyhy", "summary": "HTTP Request Smuggling in Undertow\nA flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3782", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37803", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37854", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37845", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37881", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37719", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37867", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.379", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0014", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220210-0014" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220210-0014/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", "reference_id": "1828459", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969913", "reference_id": "969913", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969913" }, { "reference_url": "https://github.com/advisories/GHSA-cccf-7xw3-p2vr", "reference_id": "GHSA-cccf-7xw3-p2vr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cccf-7xw3-p2vr" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2813", "reference_id": "RHSA-2020:2813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3585", "reference_id": "RHSA-2020:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3585" } ], "fixed_packages": [], "aliases": [ "CVE-2020-10719", "GHSA-cccf-7xw3-p2vr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6c9-mckm-cyhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46272?format=api", "vulnerability_id": "VCID-sev5-dmhe-p3e3", "summary": "Privilege Context Switching Error in wildlfy\nA flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31514", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31416", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31419", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31376", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31473", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719" }, { "reference_url": "https://github.com/advisories/GHSA-p9cf-qjxq-vxw6", "reference_id": "GHSA-p9cf-qjxq-vxw6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p9cf-qjxq-vxw6" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2112", "reference_id": "RHSA-2020:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3585", "reference_id": "RHSA-2020:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3779", "reference_id": "RHSA-2020:3779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" } ], "fixed_packages": [], "aliases": [ "CVE-2020-1719", "GHSA-p9cf-qjxq-vxw6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sev5-dmhe-p3e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56902?format=api", "vulnerability_id": "VCID-sxup-wzjc-tue1", "summary": "Improper Input Validation in Undertow\nA flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64329", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64315", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64342", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64223", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.6431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64266", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1757" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1757", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1757" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1757" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", "reference_id": "1752770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752770" }, { "reference_url": "https://github.com/advisories/GHSA-2w73-fqqj-c92p", "reference_id": "GHSA-2w73-fqqj-c92p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2w73-fqqj-c92p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2112", "reference_id": "RHSA-2020:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3779", "reference_id": "RHSA-2020:3779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" } ], "fixed_packages": [], "aliases": [ "CVE-2020-1757", "GHSA-2w73-fqqj-c92p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxup-wzjc-tue1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35291?format=api", "vulnerability_id": "VCID-urxh-sp91-kuet", "summary": "Allocation of Resources Without Limits or Throttling in Undertow\nA flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53269", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53234", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53254", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53301", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53186", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.5325", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53209", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10705" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803241" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10705" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0014", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220210-0014" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220210-0014/" }, { "reference_url": "https://github.com/advisories/GHSA-g4cp-h53p-v3v8", "reference_id": "GHSA-g4cp-h53p-v3v8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g4cp-h53p-v3v8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3585", "reference_id": "RHSA-2020:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16668", "reference_id": "RHSA-2025:16668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16668" } ], "fixed_packages": [], "aliases": [ "CVE-2020-10705", "GHSA-g4cp-h53p-v3v8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-urxh-sp91-kuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13459?format=api", "vulnerability_id": "VCID-vhk6-ks9x-1kes", "summary": "Incorrect Authorization\nA flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data confidentiality. This is fixed in SmallRye 1.6.2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11479", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11268", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11408", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11415", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1128", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1729" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802444", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802444" }, { "reference_url": "https://github.com/smallrye/smallrye-config/commit/fb0def6f61c09a2a80c9145e4ec6521225cd0b99", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/smallrye/smallrye-config/commit/fb0def6f61c09a2a80c9145e4ec6521225cd0b99" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1729", "reference_id": "CVE-2020-1729", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1729" }, { "reference_url": "https://github.com/advisories/GHSA-54fx-gm74-q676", "reference_id": "GHSA-54fx-gm74-q676", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-54fx-gm74-q676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" } ], "fixed_packages": [], "aliases": [ "CVE-2020-1729", "GHSA-54fx-gm74-q676" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhk6-ks9x-1kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33690?format=api", "vulnerability_id": "VCID-wkt1-qfpk-ybg4", "summary": "Reflected Cross-Site Scripting in Apache CXF\nBy default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.", "references": [ { "reference_url": "http://cxf.apache.org/security-advisories.data/CVE-2019-17573.txt.asc?version=1&modificationDate=1579178542000&api=v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://cxf.apache.org/security-advisories.data/CVE-2019-17573.txt.asc?version=1&modificationDate=1579178542000&api=v2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17573.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17573.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17573", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94784", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94774", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.9477", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.9476", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16126", "scoring_system": "epss", "scoring_elements": "0.94797", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17573" }, { "reference_url": "https://github.com/apache/cxf/commit/a02e96ba1095596bef481919f16a90c5e80a92c8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/cxf/commit/a02e96ba1095596bef481919f16a90c5e80a92c8" }, { "reference_url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cannounce.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cdev.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cdev.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cusers.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r51fdd73548290b2dfd0b48f7ab69bf9ae064dd100364cd8a15f0b3ec@%3Cusers.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r81a41a2915985d49bc3ea57dde2018b03584a863878a8532a89f993f@%3Cusers.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r81a41a2915985d49bc3ea57dde2018b03584a863878a8532a89f993f@%3Cusers.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf3b50583fefce2810cbd37c3d358cbcd9a03e750005950bf54546194@%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf3b50583fefce2810cbd37c3d358cbcd9a03e750005950bf54546194@%3Cannounce.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17573" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/11/12/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2020/11/12/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", "reference_id": "1797011", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797011" }, { "reference_url": "https://github.com/advisories/GHSA-f93p-f762-vr53", "reference_id": "GHSA-f93p-f762-vr53", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f93p-f762-vr53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2058", "reference_id": "RHSA-2020:2058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2059", "reference_id": "RHSA-2020:2059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2060", "reference_id": "RHSA-2020:2060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2061", "reference_id": "RHSA-2020:2061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2112", "reference_id": "RHSA-2020:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2511", "reference_id": "RHSA-2020:2511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2512", "reference_id": "RHSA-2020:2512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2513", "reference_id": "RHSA-2020:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2515", "reference_id": "RHSA-2020:2515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2905", "reference_id": "RHSA-2020:2905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" } ], "fixed_packages": [], "aliases": [ "CVE-2019-17573", "GHSA-f93p-f762-vr53" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkt1-qfpk-ybg4" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.4.1-1.Final_redhat_00001.1%3Farch=el7eap" }