Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/11781?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11781?format=api", "vulnerability_id": "VCID-8977-tjss-w7ba", "summary": "Incomplete fix for Apache Log4j vulnerability\nThe fix to address [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a remote code execution (RCE) attack.", "aliases": [ { "alias": "CVE-2021-45046" }, { "alias": "GHSA-7rjr-3q55-vv33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586823?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.16.0-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.16.0-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/586824?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.16.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.16.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038195?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583999?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/584000?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.19.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/84252?format=api", "purl": "pkg:ebuild/net-wireless/unifi@6.5.55", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-wireless/unifi@6.5.55" }, { "url": "http://public2.vulnerablecode.io/api/packages/42108?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42286?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/42287?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.17.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/42060?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42269?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/42077?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gnhu-4afv-pfhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42078?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/42299?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/42300?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038193?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.0~beta9-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.0~beta9-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038194?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.7-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.7-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24060?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/161111?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24061?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24062?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/161112?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/161113?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/42283?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24063?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24064?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/161114?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/161115?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24065?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24066?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/161116?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/24067?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24068?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205193?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205194?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205195?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205196?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205197?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205198?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205199?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205200?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42114?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42285?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/42110?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205201?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/73344?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/274524?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/274525?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274526?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.14.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42115?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274742?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/42878?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/42072?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274202?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/274203?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/274204?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/274205?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/274206?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/274207?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/274208?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/274209?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274210?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42073?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274211?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/274212?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/274213?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/274214?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/274215?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/274216?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/274217?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/42074?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274218?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/274219?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/274220?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/274221?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/274222?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/274223?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/274224?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/274225?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/274226?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/42079?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/42076?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/274227?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/274228?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/274229?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/274230?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/274231?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/274232?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/274233?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/274234?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/274235?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/274236?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gnhu-4afv-pfhy" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/42080?format=api", "purl": "pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/97432?format=api", "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97429?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97435?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97437?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97452?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97436?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97439?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97430?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97433?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97453?format=api", "purl": "pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97438?format=api", "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/99613?format=api", "purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/99531?format=api", "purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97448?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97442?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97441?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-q6t7-9mjk-7fdd" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97431?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97440?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97447?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97451?format=api", "purl": "pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97454?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-q6t7-9mjk-7fdd" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97434?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45046.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45046.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45046", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.9434", "scoring_system": "epss", "scoring_elements": "0.99954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.9434", "scoring_system": "epss", "scoring_elements": "0.99955", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45046" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ" }, { "reference_url": "https://logging.apache.org/log4j/2.x/security.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" }, { "reference_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "reference_url": "https://security.gentoo.org/glsa/202310-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://security.gentoo.org/glsa/202310-16" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-45046", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-45046" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2021-44228", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5022", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5022" }, { "reference_url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "reference_url": "https://www.kb.cert.org/vuls/id/930724", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.kb.cert.org/vuls/id/930724" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2021/12/14/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "reference_url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/12/14/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/12/15/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/12/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/12/18/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001729", "reference_id": "1001729", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001729" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580", "reference_id": "2032580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "reference_id": "CVE-2021-45046", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/", "reference_id": "EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/" }, { "reference_url": "https://github.com/advisories/GHSA-7rjr-3q55-vv33", "reference_id": "GHSA-7rjr-3q55-vv33", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7rjr-3q55-vv33" }, { "reference_url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q", "reference_id": "GHSA-jfh8-c2jp-5v3q", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5094", "reference_id": "RHSA-2021:5094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5106", "reference_id": "RHSA-2021:5106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5107", "reference_id": "RHSA-2021:5107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5108", "reference_id": "RHSA-2021:5108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5127", "reference_id": "RHSA-2021:5127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5128", "reference_id": "RHSA-2021:5128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5129", "reference_id": "RHSA-2021:5129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5137", "reference_id": "RHSA-2021:5137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5141", "reference_id": "RHSA-2021:5141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5148", "reference_id": "RHSA-2021:5148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0083", "reference_id": "RHSA-2022:0083", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0138", "reference_id": "RHSA-2022:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0203", "reference_id": "RHSA-2022:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0205", "reference_id": "RHSA-2022:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0216", "reference_id": "RHSA-2022:0216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0222", "reference_id": "RHSA-2022:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0223", "reference_id": "RHSA-2022:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1296", "reference_id": "RHSA-2022:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1297", "reference_id": "RHSA-2022:1297", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1299", "reference_id": "RHSA-2022:1299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1746", "reference_id": "RHSA-2025:1746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1747", "reference_id": "RHSA-2025:1747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1747" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/", "reference_id": "SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-04T19:31:22Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/" }, { "reference_url": "https://usn.ubuntu.com/5197-1/", "reference_id": "USN-5197-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5197-1/" } ], "weaknesses": [ { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." }, { "cwe_id": 917, "name": "Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')", "description": "The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 78, "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." } ], "exploits": [ { "date_added": "2023-05-01", "description": "Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.", "required_action": "Apply updates per vendor instructions.", "due_date": "2023-05-22", "notes": "https://logging.apache.org/log4j/2.x/security.html; https://nvd.nist.gov/vuln/detail/CVE-2021-45046", "known_ransomware_campaign_use": true, "source_date_published": null, "exploit_type": null, "platform": null, "source_date_updated": null, "data_source": "KEV", "source_url": null }, { "date_added": null, "description": "Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,\n log messages, and parameters, do not protect against attacker controlled LDAP and other JNDI related endpoints.\n\n This module will scan an HTTP end point for the Log4Shell vulnerability by injecting a format message that will\n trigger an LDAP connection to Metasploit. This module is a generic scanner and is only capable of identifying\n instances that are vulnerable via one of the pre-determined HTTP request injection points. These points include\n HTTP headers and the HTTP request path.\n\n Known impacted software includes Apache Struts 2, VMWare VCenter, Apache James, Apache Solr, Apache Druid,\n Apache JSPWiki, Apache OFBiz.", "required_action": null, "due_date": null, "notes": "Stability:\n - crash-safe\nSideEffects:\n - ioc-in-logs\nAKA:\n - Log4Shell\n - LogJam\nReliability: []\n", "known_ransomware_campaign_use": false, "source_date_published": "2021-12-09", "exploit_type": null, "platform": "", "source_date_updated": null, "data_source": "Metasploit", "source_url": "https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/http/log4shell_scanner.rb" } ], "severity_range_score": "8.1 - 10.0", "exploitability": "2.0", "weighted_severity": "9.0", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8977-tjss-w7ba" }