Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/11978?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11978?format=api", "vulnerability_id": "VCID-9bk7-2rsc-nbd6", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nAn attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.", "aliases": [ { "alias": "CVE-2020-13936" }, { "alias": "GHSA-59j4-wjwp-mw9m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942070?format=api", "purl": "pkg:deb/debian/velocity@1.7-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058967?format=api", "purl": "pkg:deb/debian/velocity@1.7-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-6" }, { "url": "http://public2.vulnerablecode.io/api/packages/942071?format=api", "purl": "pkg:deb/debian/velocity@1.7-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/85708?format=api", "purl": "pkg:ebuild/dev-java/velocity@2.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/velocity@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/234319?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-core@2.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-core@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/43097?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-parent@2.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-parent@2.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1058961?format=api", "purl": "pkg:deb/debian/velocity@1.3.1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.3.1-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058962?format=api", "purl": "pkg:deb/debian/velocity@1.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.4-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058963?format=api", "purl": "pkg:deb/debian/velocity@1.6.2-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.6.2-4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058964?format=api", "purl": "pkg:deb/debian/velocity@1.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058965?format=api", "purl": "pkg:deb/debian/velocity@1.7-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058966?format=api", "purl": "pkg:deb/debian/velocity@1.7-5%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/velocity@1.7-5%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/276673?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/276674?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/276675?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/276676?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/276677?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/276678?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/276679?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/276680?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/276681?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/43196?format=api", "purl": "pkg:maven/org.apache.velocity/velocity@1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity@1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/234316?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-core@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-core@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/234317?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-core@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-core@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/234318?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-core@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-core@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/276086?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-parent@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-parent@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/276087?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-parent@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-parent@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/276088?format=api", "purl": "pkg:maven/org.apache.velocity/velocity-engine-parent@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.velocity/velocity-engine-parent@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/100779?format=api", "purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100825?format=api", "purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100813?format=api", "purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.4-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100771?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100788?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100832?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.68.0-2.redhat_00005.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100787?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100811?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100831?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.14-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97429?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100819?format=api", "purl": "pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100792?format=api", "purl": "pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100806?format=api", "purl": "pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-infinispan@9.4.22-3.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100826?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100778?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100809?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.30-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97435?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97437?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97436?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97439?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97430?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97433?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100777?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100808?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100822?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-genericjms@2.0.9-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100774?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100821?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100805?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-marshalling@2.0.11-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100784?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100812?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100828?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-6.Final_redhat_00007.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100780?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100793?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100810?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-weld-3.1-api@3.1.0-6.SP3_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97438?format=api", "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100815?format=api", "purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100800?format=api", "purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100775?format=api", "purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.16-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100798?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100814?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100823?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.4.3-2.Final_redhat_00002.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100802?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100782?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100829?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.60-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97442?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97441?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-q6t7-9mjk-7fdd" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/100786?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100796?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100824?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.4-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97431?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-wp9q-eurd-43dx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97440?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-dmkc-42vj-gbhc" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100820?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100790?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100804?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.35-1.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97451?format=api", "purl": "pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-wp9q-eurd-43dx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/100807?format=api", "purl": "pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100791?format=api", "purl": "pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100776?format=api", "purl": "pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-velocity@2.3.0-1.redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100773?format=api", "purl": "pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100799?format=api", "purl": "pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100818?format=api", "purl": "pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-weld-core@3.1.6-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100785?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100827?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100797?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.7-1.GA_redhat_00002.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/97434?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-j986-mtma-b3bw" }, { "vulnerability": "VCID-jstt-6zs3-ybew" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-netd-rr9e-wbg5" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-turp-dju7-c7fx" }, { "vulnerability": "VCID-xzs8-rbhd-mkbp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100816?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100789?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100770?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.12-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100817?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100801?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100772?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.26-1.Final_redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100830?format=api", "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100781?format=api", "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100795?format=api", "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-36.redhat_00013.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100794?format=api", "purl": "pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1?arch=el6eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1%3Farch=el6eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100803?format=api", "purl": "pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/100783?format=api", "purl": "pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bk7-2rsc-nbd6" }, { "vulnerability": "VCID-e92u-331h-bkcb" }, { "vulnerability": "VCID-ug8h-p8kf-t7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-yasson@1.0.9-1.redhat_00001.1%3Farch=el7eap" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94882", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94879", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.9487", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94867", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94863", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.9485", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94847", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94859", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16401", "scoring_system": "epss", "scoring_elements": "0.94834", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/velocity-engine", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/velocity-engine" }, { "reference_url": "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a@%3Cuser.velocity.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a@%3Cuser.velocity.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4@%3Cdev.santuario.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4@%3Cdev.santuario.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6@%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6@%3Cannounce.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3Cusers.activemq.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3Cusers.activemq.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7@%3Ccommits.turbine.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7@%3Ccommits.turbine.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3Cusers.activemq.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3Cusers.activemq.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6@%3Ccommits.velocity.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6@%3Ccommits.velocity.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436@%3Cdev.ws.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436@%3Cdev.ws.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html" }, { "reference_url": "https://security.gentoo.org/glsa/202107-52", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-52" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/10/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/10/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440", "reference_id": "1937440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985220", "reference_id": "985220", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985220" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936", "reference_id": "CVE-2020-13936", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936" }, { "reference_url": "https://github.com/advisories/GHSA-59j4-wjwp-mw9m", "reference_id": "GHSA-59j4-wjwp-mw9m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-59j4-wjwp-mw9m" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2046", "reference_id": "RHSA-2021:2046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2047", "reference_id": "RHSA-2021:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2048", "reference_id": "RHSA-2021:2048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2051", "reference_id": "RHSA-2021:2051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2210", "reference_id": "RHSA-2021:2210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2755", "reference_id": "RHSA-2021:2755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3656", "reference_id": "RHSA-2021:3656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3658", "reference_id": "RHSA-2021:3658", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3658" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3660", "reference_id": "RHSA-2021:3660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4767", "reference_id": "RHSA-2021:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4918", "reference_id": "RHSA-2021:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1746", "reference_id": "RHSA-2025:1746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1747", "reference_id": "RHSA-2025:1747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1747" }, { "reference_url": "https://usn.ubuntu.com/6281-1/", "reference_id": "USN-6281-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6281-1/" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 78, "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 20, "name": "Improper Input Validation", "description": "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." }, { "cwe_id": 94, "name": "Improper Control of Generation of Code ('Code Injection')", "description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bk7-2rsc-nbd6" }