Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8977-tjss-w7ba

Summary

Incomplete fix for Apache Log4j vulnerability
The fix to address [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a remote code execution (RCE) attack.

Aliases

alias	CVE-2021-45046

alias	GHSA-7rjr-3q55-vv33

Fixed_packages

url	pkg:deb/debian/apache-log4j2@2.16.0-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache-log4j2@2.16.0-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.16.0-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache-log4j2@2.16.0-1?distro=trixie
purl	pkg:deb/debian/apache-log4j2@2.16.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.16.0-1%3Fdistro=trixie

url pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1

purl pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-r67p-yqg2-9bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1

url	pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie

purl pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gcyx-fdns-k3bt

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.19.0-2%3Fdistro=trixie

url	pkg:ebuild/net-wireless/unifi@6.5.55
purl	pkg:ebuild/net-wireless/unifi@6.5.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-wireless/unifi@6.5.55

url pkg:maven/org.apache.logging.log4j/log4j@2.3.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3.1

url	pkg:maven/org.apache.logging.log4j/log4j@2.12.3
purl	pkg:maven/org.apache.logging.log4j/log4j@2.12.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.3

url	pkg:maven/org.apache.logging.log4j/log4j@2.17.0
purl	pkg:maven/org.apache.logging.log4j/log4j@2.17.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.17.0

url pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2

purl pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-mz9r-j78c-dfe3

vulnerability	VCID-r67p-yqg2-9bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2

url pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0

purl pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-r67p-yqg2-9bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gnhu-4afv-pfhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12

Affected_packages

url pkg:deb/debian/apache-log4j2@2.0~beta9-1

purl pkg:deb/debian/apache-log4j2@2.0~beta9-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.0~beta9-1

url pkg:deb/debian/apache-log4j2@2.7-2

purl pkg:deb/debian/apache-log4j2@2.7-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.7-2

url pkg:maven/org.apache.logging.log4j/log4j@2.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0

url pkg:maven/org.apache.logging.log4j/log4j@2.0.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.1

url pkg:maven/org.apache.logging.log4j/log4j@2.0.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.2

url pkg:maven/org.apache.logging.log4j/log4j@2.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.1

url pkg:maven/org.apache.logging.log4j/log4j@2.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.2

url pkg:maven/org.apache.logging.log4j/log4j@2.3

purl pkg:maven/org.apache.logging.log4j/log4j@2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3

url pkg:maven/org.apache.logging.log4j/log4j@2.4

purl pkg:maven/org.apache.logging.log4j/log4j@2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4

url pkg:maven/org.apache.logging.log4j/log4j@2.4.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4.1

url pkg:maven/org.apache.logging.log4j/log4j@2.5

purl pkg:maven/org.apache.logging.log4j/log4j@2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.5

url pkg:maven/org.apache.logging.log4j/log4j@2.6

purl pkg:maven/org.apache.logging.log4j/log4j@2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6

url pkg:maven/org.apache.logging.log4j/log4j@2.6.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.1

url pkg:maven/org.apache.logging.log4j/log4j@2.6.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.2

url pkg:maven/org.apache.logging.log4j/log4j@2.7

purl pkg:maven/org.apache.logging.log4j/log4j@2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.7

url pkg:maven/org.apache.logging.log4j/log4j@2.8

purl pkg:maven/org.apache.logging.log4j/log4j@2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8

url pkg:maven/org.apache.logging.log4j/log4j@2.8.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74dr-6hxt-tbgu

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.1

url pkg:maven/org.apache.logging.log4j/log4j@2.8.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.2

url pkg:maven/org.apache.logging.log4j/log4j@2.9.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.0

url pkg:maven/org.apache.logging.log4j/log4j@2.9.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.1

url pkg:maven/org.apache.logging.log4j/log4j@2.10.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.10.0

url pkg:maven/org.apache.logging.log4j/log4j@2.11.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.0

url pkg:maven/org.apache.logging.log4j/log4j@2.11.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.1

url pkg:maven/org.apache.logging.log4j/log4j@2.11.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.2

url pkg:maven/org.apache.logging.log4j/log4j@2.12.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.0

url pkg:maven/org.apache.logging.log4j/log4j@2.12.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.12.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.1

url pkg:maven/org.apache.logging.log4j/log4j@2.12.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.12.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.2

url pkg:maven/org.apache.logging.log4j/log4j@2.13

purl pkg:maven/org.apache.logging.log4j/log4j@2.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13

url pkg:maven/org.apache.logging.log4j/log4j@2.13.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.0

url pkg:maven/org.apache.logging.log4j/log4j@2.13.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.13.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.1

url pkg:maven/org.apache.logging.log4j/log4j@2.13.2

purl pkg:maven/org.apache.logging.log4j/log4j@2.13.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.2

url pkg:maven/org.apache.logging.log4j/log4j@2.13.3

purl pkg:maven/org.apache.logging.log4j/log4j@2.13.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.3

url pkg:maven/org.apache.logging.log4j/log4j@2.14.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.14.0

url pkg:maven/org.apache.logging.log4j/log4j@2.14.1

purl pkg:maven/org.apache.logging.log4j/log4j@2.14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-jwav-88m7-6fhz

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.14.1

url pkg:maven/org.apache.logging.log4j/log4j@2.15.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.15.0

url pkg:maven/org.apache.logging.log4j/log4j@2.16.0

purl pkg:maven/org.apache.logging.log4j/log4j@2.16.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.16.0

url pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0

purl pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gcyx-fdns-k3bt

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-mz9r-j78c-dfe3

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-gnhu-4afv-pfhy

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10

url pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11

purl pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11

url pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jvp6-892x-nkc7

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-ruae-hqdg-m7ek

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xnyb-nuwm-pkdr

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-dmkc-42vj-gbhc

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vfk-arae-ubha

vulnerability	VCID-698m-2hju-2qcv

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9k99-jzq8-fyge

vulnerability	VCID-bbq3-tx7c-yucn

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el8eap

purl pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el8eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vfk-arae-ubha

vulnerability	VCID-698m-2hju-2qcv

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9k99-jzq8-fyge

vulnerability	VCID-bbq3-tx7c-yucn

vulnerability	VCID-r67p-yqg2-9bbq

vulnerability	VCID-sjuz-dd96-sqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el8eap

url pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-dmkc-42vj-gbhc

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jvp6-892x-nkc7

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-q6t7-9mjk-7fdd

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-ruae-hqdg-m7ek

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-dmkc-42vj-gbhc

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-wp9q-eurd-43dx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-dmkc-42vj-gbhc

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-dmkc-42vj-gbhc

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-q6t7-9mjk-7fdd

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-wp9q-eurd-43dx

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8977-tjss-w7ba

vulnerability	VCID-9bk7-2rsc-nbd6

vulnerability	VCID-j986-mtma-b3bw

vulnerability	VCID-jstt-6zs3-ybew

vulnerability	VCID-jwav-88m7-6fhz

vulnerability	VCID-netd-rr9e-wbg5

vulnerability	VCID-qruf-r6dc-3ugj

vulnerability	VCID-turp-dju7-c7fx

vulnerability	VCID-xzs8-rbhd-mkbp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45046.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45046.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45046

reference_id

reference_type

scores

value	0.9434
scoring_system	epss
scoring_elements	0.99954
published_at	2026-04-09T12:55:00Z

value	0.9434
scoring_system	epss
scoring_elements	0.99955
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45046

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ

reference_url

https://logging.apache.org/log4j/2.x/security.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://logging.apache.org/log4j/2.x/security.html

reference_url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032

reference_url

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

reference_url

https://security.gentoo.org/glsa/202310-16

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://security.gentoo.org/glsa/202310-16

reference_url

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-45046

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-45046

reference_url

https://www.cve.org/CVERecord?id=CVE-2021-44228

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.cve.org/CVERecord?id=CVE-2021-44228

reference_url

https://www.debian.org/security/2021/dsa-5022

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.debian.org/security/2021/dsa-5022

reference_url

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html

reference_url

https://www.kb.cert.org/vuls/id/930724

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.kb.cert.org/vuls/id/930724

reference_url

https://www.openwall.com/lists/oss-security/2021/12/14/4

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2021/12/14/4

reference_url

https://www.oracle.com/security-alerts/alert-cve-2021-44228.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.oracle.com/security-alerts/alert-cve-2021-44228.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

http://www.openwall.com/lists/oss-security/2021/12/14/4

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

http://www.openwall.com/lists/oss-security/2021/12/14/4

reference_url

http://www.openwall.com/lists/oss-security/2021/12/15/3

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

http://www.openwall.com/lists/oss-security/2021/12/15/3

reference_url

http://www.openwall.com/lists/oss-security/2021/12/18/1

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

http://www.openwall.com/lists/oss-security/2021/12/18/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001729
reference_id	1001729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001729

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2032580
reference_id	2032580
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2032580

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-45046

reference_id

CVE-2021-45046

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-45046

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/

reference_id

EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/

reference_url

https://github.com/advisories/GHSA-7rjr-3q55-vv33

reference_id

GHSA-7rjr-3q55-vv33

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7rjr-3q55-vv33

reference_url

https://github.com/advisories/GHSA-jfh8-c2jp-5v3q

reference_id

GHSA-jfh8-c2jp-5v3q

reference_type

scores

value	9.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-jfh8-c2jp-5v3q

reference_url	https://access.redhat.com/errata/RHSA-2021:5094
reference_id	RHSA-2021:5094
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5094

reference_url	https://access.redhat.com/errata/RHSA-2021:5106
reference_id	RHSA-2021:5106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5106

reference_url	https://access.redhat.com/errata/RHSA-2021:5107
reference_id	RHSA-2021:5107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5107

reference_url	https://access.redhat.com/errata/RHSA-2021:5108
reference_id	RHSA-2021:5108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5108

reference_url	https://access.redhat.com/errata/RHSA-2021:5127
reference_id	RHSA-2021:5127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5127

reference_url	https://access.redhat.com/errata/RHSA-2021:5128
reference_id	RHSA-2021:5128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5128

reference_url	https://access.redhat.com/errata/RHSA-2021:5129
reference_id	RHSA-2021:5129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5129

reference_url	https://access.redhat.com/errata/RHSA-2021:5137
reference_id	RHSA-2021:5137
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5137

reference_url	https://access.redhat.com/errata/RHSA-2021:5141
reference_id	RHSA-2021:5141
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5141

reference_url	https://access.redhat.com/errata/RHSA-2021:5148
reference_id	RHSA-2021:5148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5148

reference_url	https://access.redhat.com/errata/RHSA-2022:0083
reference_id	RHSA-2022:0083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0083

reference_url	https://access.redhat.com/errata/RHSA-2022:0138
reference_id	RHSA-2022:0138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0138

reference_url	https://access.redhat.com/errata/RHSA-2022:0203
reference_id	RHSA-2022:0203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0203

reference_url	https://access.redhat.com/errata/RHSA-2022:0205
reference_id	RHSA-2022:0205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0205

reference_url	https://access.redhat.com/errata/RHSA-2022:0216
reference_id	RHSA-2022:0216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0216

reference_url	https://access.redhat.com/errata/RHSA-2022:0222
reference_id	RHSA-2022:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0222

reference_url	https://access.redhat.com/errata/RHSA-2022:0223
reference_id	RHSA-2022:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0223

reference_url	https://access.redhat.com/errata/RHSA-2022:1296
reference_id	RHSA-2022:1296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1296

reference_url	https://access.redhat.com/errata/RHSA-2022:1297
reference_id	RHSA-2022:1297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1297

reference_url	https://access.redhat.com/errata/RHSA-2022:1299
reference_id	RHSA-2022:1299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1299

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/

reference_id

SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/

reference_url	https://usn.ubuntu.com/5197-1/
reference_id	USN-5197-1
reference_type
scores
url	https://usn.ubuntu.com/5197-1/

Weaknesses

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

cwe_id	917
name	Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
description	The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Exploits

date_added	2023-05-01
description	Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
required_action	Apply updates per vendor instructions.
due_date	2023-05-22
notes	https://logging.apache.org/log4j/2.x/security.html; https://nvd.nist.gov/vuln/detail/CVE-2021-45046
known_ransomware_campaign_use	`true`
source_date_published	`null`
exploit_type	`null`
platform	`null`
source_date_updated	`null`
data_source	KEV
source_url	`null`

date_added	`null`
description	Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration, log messages, and parameters, do not protect against attacker controlled LDAP and other JNDI related endpoints. This module will scan an HTTP end point for the Log4Shell vulnerability by injecting a format message that will trigger an LDAP connection to Metasploit. This module is a generic scanner and is only capable of identifying instances that are vulnerable via one of the pre-determined HTTP request injection points. These points include HTTP headers and the HTTP request path. Known impacted software includes Apache Struts 2, VMWare VCenter, Apache James, Apache Solr, Apache Druid, Apache JSPWiki, Apache OFBiz.
required_action	`null`
due_date	`null`
notes	Stability: - crash-safe SideEffects: - ioc-in-logs AKA: - Log4Shell - LogJam Reliability: []
known_ransomware_campaign_use	`false`
source_date_published	2021-12-09
exploit_type	`null`
platform
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/http/log4shell_scanner.rb

Severity_range_score 8.1 - 10.0

Exploitability 2.0

Weighted_severity 9.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8977-tjss-w7ba

Vulnerability Instance