Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/11224?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11224?format=api", "vulnerability_id": "VCID-zpc9-qmnr-ckga", "summary": "", "aliases": [ { "alias": "CVE-2022-1471" }, { "alias": "GHSA-mjmj-j48q-9wg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/384082?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@2.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/451632?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/451633?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/451634?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/451635?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/451636?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/451637?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/451638?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/451639?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/451640?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/451641?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/451642?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/451643?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/451644?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/451645?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/451646?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/451647?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/451648?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/451649?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/451650?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/451651?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/451652?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/451653?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d22y-27n1-nkdb" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/383278?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/582320?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/582321?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/582322?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/582323?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/26064?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.31" }, { "url": "http://public2.vulnerablecode.io/api/packages/26116?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/601916?format=api", "purl": "pkg:maven/org.yaml/snakeyaml@1.33", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.yaml/snakeyaml@1.33" }, { "url": "http://public2.vulnerablecode.io/api/packages/338107?format=api", "purl": "pkg:rpm/redhat/candlepin@4.2.13-1?arch=el8sat", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vx9-twgz-xbcs" }, { "vulnerability": "VCID-6r2h-5gfg-wfgq" }, { "vulnerability": "VCID-92cp-kc76-5yfu" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/candlepin@4.2.13-1%3Farch=el8sat" }, { "url": "http://public2.vulnerablecode.io/api/packages/338842?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-5awv-7w7c-sfgn" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-aauw-24tq-nfdc" }, { "vulnerability": "VCID-gygt-yqzu-tqgd" }, { "vulnerability": "VCID-mpz4-6qzq-9ycm" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-wauh-sfrw-mbff" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338850?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4n15-13mm-sqfr" }, { "vulnerability": "VCID-5awv-7w7c-sfgn" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-aauw-24tq-nfdc" }, { "vulnerability": "VCID-dach-1bmd-67eb" }, { "vulnerability": "VCID-djr3-bksw-ruc5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-gygt-yqzu-tqgd" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-wauh-sfrw-mbff" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/338840?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-5awv-7w7c-sfgn" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-aauw-24tq-nfdc" }, { "vulnerability": "VCID-gygt-yqzu-tqgd" }, { "vulnerability": "VCID-mpz4-6qzq-9ycm" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-wauh-sfrw-mbff" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338849?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-5awv-7w7c-sfgn" }, { "vulnerability": "VCID-aauw-24tq-nfdc" }, { "vulnerability": "VCID-gygt-yqzu-tqgd" }, { "vulnerability": "VCID-mpz4-6qzq-9ycm" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-wauh-sfrw-mbff" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338856?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5awv-7w7c-sfgn" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-aauw-24tq-nfdc" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-wauh-sfrw-mbff" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/338717?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-87j6-anzh-2uf1" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-wdvr-ddjy-27as" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338737?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-87j6-anzh-2uf1" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-wdvr-ddjy-27as" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338757?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-87j6-anzh-2uf1" }, { "vulnerability": "VCID-kde4-epw8-w7c8" }, { "vulnerability": "VCID-wdvr-ddjy-27as" }, { "vulnerability": "VCID-wujp-7kc4-2ycb" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/338945?format=api", "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hvx-2h1t-n7hj" }, { "vulnerability": "VCID-24zg-76th-b7a9" }, { "vulnerability": "VCID-282p-1cbn-1ydr" }, { "vulnerability": "VCID-2ef9-4t7c-9kd6" }, { "vulnerability": "VCID-2gbh-nhbd-vyb3" }, { "vulnerability": "VCID-44sb-6uzy-3be8" }, { "vulnerability": "VCID-6edu-x9e7-mqg4" }, { "vulnerability": "VCID-6fdz-pavg-uydu" }, { "vulnerability": "VCID-79jf-4v34-5feg" }, { "vulnerability": "VCID-8drq-ax12-d7h5" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-kshy-a9qd-9ue3" }, { "vulnerability": "VCID-pae5-c62h-q7a9" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-r8x8-fygj-77bn" }, { "vulnerability": "VCID-udcj-gpwk-uudj" }, { "vulnerability": "VCID-vftd-1z64-mba7" }, { "vulnerability": "VCID-vm4d-svqb-dfh6" }, { "vulnerability": "VCID-vyvx-hyzd-zkan" }, { "vulnerability": "VCID-wbwg-kc2b-4qhc" }, { "vulnerability": "VCID-xsy5-wuvz-juh6" }, { "vulnerability": "VCID-yw72-1mwb-bqdc" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" }, { "vulnerability": "VCID-zwkg-gh5x-t7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/339106?format=api", "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.10.1675407676-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.10.1675407676-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/338444?format=api", "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-282p-1cbn-1ydr" }, { "vulnerability": "VCID-2ef9-4t7c-9kd6" }, { "vulnerability": "VCID-2gbh-nhbd-vyb3" }, { "vulnerability": "VCID-6edu-x9e7-mqg4" }, { "vulnerability": "VCID-6js7-4nr1-tfe9" }, { "vulnerability": "VCID-767j-pk7s-sfdd" }, { "vulnerability": "VCID-79jf-4v34-5feg" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-hhvt-b749-rub6" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-udcj-gpwk-uudj" }, { "vulnerability": "VCID-ueg1-ww9r-u7gm" }, { "vulnerability": "VCID-vm4d-svqb-dfh6" }, { "vulnerability": "VCID-vyvx-hyzd-zkan" }, { "vulnerability": "VCID-wrx9-uc8e-9fch" }, { "vulnerability": "VCID-xsy5-wuvz-juh6" }, { "vulnerability": "VCID-yw72-1mwb-bqdc" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" }, { "vulnerability": "VCID-zwkg-gh5x-t7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/336652?format=api", "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1698299029-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6js7-4nr1-tfe9" }, { "vulnerability": "VCID-ggkj-1b25-kyb9" }, { "vulnerability": "VCID-hhvt-b749-rub6" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-ueg1-ww9r-u7gm" }, { "vulnerability": "VCID-wrx9-uc8e-9fch" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1698299029-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/337214?format=api", "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1706516946-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6js7-4nr1-tfe9" }, { "vulnerability": "VCID-6xxy-hbns-muak" }, { "vulnerability": "VCID-hhvt-b749-rub6" }, { "vulnerability": "VCID-ts5d-j1mw-dqbg" }, { "vulnerability": "VCID-ueg1-ww9r-u7gm" }, { "vulnerability": "VCID-wrx9-uc8e-9fch" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.11.1706516946-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/339105?format=api", "purl": "pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-9?arch=el8_7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-9%3Farch=el8_7" }, { "url": "http://public2.vulnerablecode.io/api/packages/338384?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-486s-u7j8-83e2" }, { "vulnerability": "VCID-4ue8-9kcp-uqah" }, { "vulnerability": "VCID-6bhd-zdh5-5qgz" }, { "vulnerability": "VCID-6m6w-vs31-byea" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-c2nr-hks8-4qg1" }, { "vulnerability": "VCID-ejyg-88gf-sfbh" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-fh9y-kdy5-guau" }, { "vulnerability": "VCID-g5u6-4zxh-8ucn" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-jp51-ftxv-4ud9" }, { "vulnerability": "VCID-kufg-z717-b7hm" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-p8q4-rr16-6ycg" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-pn4q-88ty-pbay" }, { "vulnerability": "VCID-qvs4-a8b6-2uht" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-s53x-qyc6-bfcn" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-tyy7-1dkf-uufg" }, { "vulnerability": "VCID-v2tp-rt89-6ydw" }, { "vulnerability": "VCID-v9w8-12zc-9ycn" }, { "vulnerability": "VCID-vnt9-r111-33h3" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-yb9d-mbgp-dfam" }, { "vulnerability": "VCID-zha3-5yra-sfae" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el9sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/338385?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-486s-u7j8-83e2" }, { "vulnerability": "VCID-4ue8-9kcp-uqah" }, { "vulnerability": "VCID-6bhd-zdh5-5qgz" }, { "vulnerability": "VCID-6m6w-vs31-byea" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-c2nr-hks8-4qg1" }, { "vulnerability": "VCID-ejyg-88gf-sfbh" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-fh9y-kdy5-guau" }, { "vulnerability": "VCID-g5u6-4zxh-8ucn" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-jp51-ftxv-4ud9" }, { "vulnerability": "VCID-kufg-z717-b7hm" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-p8q4-rr16-6ycg" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-pn4q-88ty-pbay" }, { "vulnerability": "VCID-qvs4-a8b6-2uht" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-s53x-qyc6-bfcn" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-tyy7-1dkf-uufg" }, { "vulnerability": "VCID-v2tp-rt89-6ydw" }, { "vulnerability": "VCID-v9w8-12zc-9ycn" }, { "vulnerability": "VCID-vnt9-r111-33h3" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-yb9d-mbgp-dfam" }, { "vulnerability": "VCID-zha3-5yra-sfae" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el7sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/338383?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b3e-49vk-27h2" }, { "vulnerability": "VCID-486s-u7j8-83e2" }, { "vulnerability": "VCID-4ue8-9kcp-uqah" }, { "vulnerability": "VCID-6bhd-zdh5-5qgz" }, { "vulnerability": "VCID-6m6w-vs31-byea" }, { "vulnerability": "VCID-8ra7-fpsb-5ye8" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-c2nr-hks8-4qg1" }, { "vulnerability": "VCID-ejyg-88gf-sfbh" }, { "vulnerability": "VCID-f9a3-vz93-zqcq" }, { "vulnerability": "VCID-fh9y-kdy5-guau" }, { "vulnerability": "VCID-g5u6-4zxh-8ucn" }, { "vulnerability": "VCID-gvc5-rtu7-eueb" }, { "vulnerability": "VCID-jp51-ftxv-4ud9" }, { "vulnerability": "VCID-kufg-z717-b7hm" }, { "vulnerability": "VCID-mdgs-etkz-abgd" }, { "vulnerability": "VCID-p8q4-rr16-6ycg" }, { "vulnerability": "VCID-pe9e-5tw4-rfbf" }, { "vulnerability": "VCID-pn4q-88ty-pbay" }, { "vulnerability": "VCID-qvs4-a8b6-2uht" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-s53x-qyc6-bfcn" }, { "vulnerability": "VCID-t2ns-jx1q-2fek" }, { "vulnerability": "VCID-tyy7-1dkf-uufg" }, { "vulnerability": "VCID-v2tp-rt89-6ydw" }, { "vulnerability": "VCID-v9w8-12zc-9ycn" }, { "vulnerability": "VCID-vnt9-r111-33h3" }, { "vulnerability": "VCID-xvj8-jwkd-6ubd" }, { "vulnerability": "VCID-yb9d-mbgp-dfam" }, { "vulnerability": "VCID-zha3-5yra-sfae" }, { "vulnerability": "VCID-zpc9-qmnr-ckga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el8sso" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93849", "scoring_system": "epss", "scoring_elements": "0.99876", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1471" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230818-0015", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230818-0015" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/11/19/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/11/19/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009", "reference_id": "2150009", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "reference_url": "https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html", "reference_id": "cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html" }, { "reference_url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479", "reference_id": "cve-2022-1471-vulnerability-in#comment-64581479", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479" }, { "reference_url": "https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c", "reference_id": "%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c" }, { "reference_url": "https://github.com/advisories/GHSA-mjmj-j48q-9wg2", "reference_id": "GHSA-mjmj-j48q-9wg2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mjmj-j48q-9wg2" }, { "reference_url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "reference_id": "GHSA-mjmj-j48q-9wg2", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" }, { "reference_url": "https://github.com/mbechler/marshalsec", "reference_id": "marshalsec", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://github.com/mbechler/marshalsec" }, { "reference_url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "reference_id": "marshalsec.pdf?raw=true", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true" }, { "reference_url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc", "reference_id": "mwrakFaEdnc", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230818-0015/", "reference_id": "ntap-20230818-0015", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230818-0015/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html", "reference_id": "PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/" } ], "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9032", "reference_id": "RHSA-2022:9032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9058", "reference_id": "RHSA-2022:9058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0697", "reference_id": "RHSA-2023:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0758", "reference_id": "RHSA-2023:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0777", "reference_id": "RHSA-2023:0777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1006", "reference_id": "RHSA-2023:1006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1043", "reference_id": "RHSA-2023:1043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1044", "reference_id": "RHSA-2023:1044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1045", "reference_id": "RHSA-2023:1045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1047", "reference_id": "RHSA-2023:1047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1049", "reference_id": "RHSA-2023:1049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1512", "reference_id": "RHSA-2023:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1513", "reference_id": "RHSA-2023:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1514", "reference_id": "RHSA-2023:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1516", "reference_id": "RHSA-2023:1516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2097", "reference_id": "RHSA-2023:2097", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2097" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3198", "reference_id": "RHSA-2023:3198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4612", "reference_id": "RHSA-2023:4612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5165", "reference_id": "RHSA-2023:5165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6171", "reference_id": "RHSA-2023:6171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7697", "reference_id": "RHSA-2023:7697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0325", "reference_id": "RHSA-2024:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0775", "reference_id": "RHSA-2024:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1353", "reference_id": "RHSA-2024:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1746", "reference_id": "RHSA-2025:1746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1747", "reference_id": "RHSA-2025:1747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1747" } ], "weaknesses": [ { "cwe_id": 20, "name": "Improper Input Validation", "description": "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." }, { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [ { "date_added": null, "description": "The PyTorch model server contains multiple vulnerabilities that can be chained together to permit an\n unauthenticated remote attacker arbitrary Java code execution. The first vulnerability is that the management\n interface is bound to all IP addresses and not just the loop back interface as the documentation suggests. The\n second vulnerability (CVE-2023-43654) allows attackers with access to the management interface to register MAR\n model files from arbitrary servers. The third vulnerability is that when an MAR file is loaded, it can contain a\n YAML configuration file that when deserialized by snakeyaml, can lead to loading an arbitrary Java class.", "required_action": null, "due_date": null, "notes": "Stability:\n - crash-safe\nSideEffects:\n - ioc-in-logs\nReliability:\n - repeatable-session\n", "known_ransomware_campaign_use": false, "source_date_published": "2023-10-03", "exploit_type": null, "platform": "Java", "source_date_updated": null, "data_source": "Metasploit", "source_url": "https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/torchserver_cve_2023_43654.rb" } ], "severity_range_score": "7.0 - 9.8", "exploitability": "2.0", "weighted_severity": "8.8", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpc9-qmnr-ckga" }