Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/226356?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/226356?format=api", "purl": "pkg:maven/org.apache.camel/camel-http4@2.3.0", "type": "maven", "namespace": "org.apache.camel", "name": "camel-http4", "version": "2.3.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.15.5", "latest_non_vulnerable_version": "2.16.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40295?format=api", "vulnerability_id": "VCID-uadd-hzsv-yybe", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nApache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/134946/Apache-Camel-Java-Object-Deserialization.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/134946/Apache-Camel-Java-Object-Deserialization.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5348.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06832", "scoring_system": "epss", "scoring_elements": "0.91503", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5348" }, { "reference_url": "https://github.com/apache/camel", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel" }, { "reference_url": "https://github.com/apache/camel/commit/0afcf721ff209eb10a24c5e4b48ca9d6727ea99a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/0afcf721ff209eb10a24c5e4b48ca9d6727ea99a" }, { "reference_url": "https://github.com/apache/camel/commit/13e43c1412ad72d99030b4eb4cb72c84fa57d5ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/13e43c1412ad72d99030b4eb4cb72c84fa57d5ff" }, { "reference_url": "https://github.com/apache/camel/commit/190d7c81b7e3ce767514e319630b1bbaf27e6817", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/190d7c81b7e3ce767514e319630b1bbaf27e6817" }, { "reference_url": "https://github.com/apache/camel/commit/1b1ccbcd94860f6f1d8caf98fb59e6ab7b3940b4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/1b1ccbcd94860f6f1d8caf98fb59e6ab7b3940b4" }, { "reference_url": "https://github.com/apache/camel/commit/23655fe0c15189ca41a6e99c31a3c38001a7cdb0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/camel/commit/23655fe0c15189ca41a6e99c31a3c38001a7cdb0" }, { "reference_url": "https://github.com/apache/camel/commit/32eacdaff16f8709da55e27b83fa21a16d739f63", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/32eacdaff16f8709da55e27b83fa21a16d739f63" }, { "reference_url": "https://github.com/apache/camel/commit/349109b0834764560f0be69eb74f43a16bd220b0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/349109b0834764560f0be69eb74f43a16bd220b0" }, { "reference_url": "https://github.com/apache/camel/commit/44e6a3036e5a11d90b60c142cf51ed74b792de31", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/44e6a3036e5a11d90b60c142cf51ed74b792de31" }, { "reference_url": "https://github.com/apache/camel/commit/4f065fe07c1dcd7b451e6005a6dc8e96d77da43e", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/4f065fe07c1dcd7b451e6005a6dc8e96d77da43e" }, { "reference_url": "https://github.com/apache/camel/commit/515c822148d52de9e7cdf4f6b01f7b793f2f273f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/515c822148d52de9e7cdf4f6b01f7b793f2f273f" }, { "reference_url": "https://github.com/apache/camel/commit/5ea0a6f6c6a54f1cddf9691a99b0c237afc95348", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/5ea0a6f6c6a54f1cddf9691a99b0c237afc95348" }, { "reference_url": "https://github.com/apache/camel/commit/735ee02c693964b5f700af13a2adfeae56b848a4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/735ee02c693964b5f700af13a2adfeae56b848a4" }, { "reference_url": "https://github.com/apache/camel/commit/7e28d0af471ea992eb74807a4abd1626b88d678a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/7e28d0af471ea992eb74807a4abd1626b88d678a" }, { "reference_url": "https://github.com/apache/camel/commit/92081b203523c5ed502ed41df43cbd8655caf9b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/92081b203523c5ed502ed41df43cbd8655caf9b9" }, { "reference_url": "https://github.com/apache/camel/commit/94330f99acb6f28155793b253de9956c3798f3bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/94330f99acb6f28155793b253de9956c3798f3bb" }, { "reference_url": "https://github.com/apache/camel/commit/9cbd5867fe73ef07ecba6f16d64689632e3f2a16", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/9cbd5867fe73ef07ecba6f16d64689632e3f2a16" }, { "reference_url": "https://github.com/apache/camel/commit/a68434c258cdcd30587ae7adc5dabbac43eadbbf", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/a68434c258cdcd30587ae7adc5dabbac43eadbbf" }, { "reference_url": "https://github.com/apache/camel/commit/c47cffcadabca0c588753555a386942184a33627", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/c47cffcadabca0c588753555a386942184a33627" }, { "reference_url": "https://github.com/apache/camel/commit/c558f30a6d3820faa3d8c4ad5e54448914ec60d0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/c558f30a6d3820faa3d8c4ad5e54448914ec60d0" }, { "reference_url": "https://github.com/apache/camel/commit/c703479f5880a099c38f2fd5e63c7d9f0567e5ff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/camel/commit/c703479f5880a099c38f2fd5e63c7d9f0567e5ff" }, { "reference_url": "https://github.com/apache/camel/commit/d853853469292cd54fd9662c3605030ab5a9566b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/d853853469292cd54fd9662c3605030ab5a9566b" }, { "reference_url": "https://github.com/apache/camel/commit/e7fd5f049c2fd51a528f8062da91a1c75e33b0e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/e7fd5f049c2fd51a528f8062da91a1c75e33b0e8" }, { "reference_url": "https://github.com/apache/camel/commit/ec4a48d38e7335b40efcb14979fad8144eb00acf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/camel/commit/ec4a48d38e7335b40efcb14979fad8144eb00acf" }, { "reference_url": "https://github.com/apache/camel/commit/f7f0b18f6924fe0b01f32a25ed1e38e29b1bf8e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/camel/commit/f7f0b18f6924fe0b01f32a25ed1e38e29b1bf8e5" }, { "reference_url": "https://issues.apache.org/jira/browse/CAMEL-9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/CAMEL-9309" }, { "reference_url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/archive/1/537147/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/537147/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/80696", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/80696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292849", "reference_id": "1292849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292849" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5348", "reference_id": "CVE-2015-5348", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5348" }, { "reference_url": "http://camel.apache.org/security-advisories.data/CVE-2015-5348.txt.asc", "reference_id": "CVE-2015-5348.TXT.ASC", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://camel.apache.org/security-advisories.data/CVE-2015-5348.txt.asc" }, { "reference_url": "https://github.com/advisories/GHSA-26v6-w6fw-rh94", "reference_id": "GHSA-26v6-w6fw-rh94", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-26v6-w6fw-rh94" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2035", "reference_id": "RHSA-2016:2035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2035" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56677?format=api", "purl": "pkg:maven/org.apache.camel/camel-http4@2.15.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-http4@2.15.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56678?format=api", "purl": "pkg:maven/org.apache.camel/camel-http4@2.16.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-http4@2.16.1" } ], "aliases": [ "CVE-2015-5348", "GHSA-26v6-w6fw-rh94" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uadd-hzsv-yybe" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-http4@2.3.0" }