Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/16568?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16568?format=api", "vulnerability_id": "VCID-jz3d-vvfb-jfbw", "summary": "Undertow client not checking server identity presented by server certificate in https connections\nThe undertow client is not checking the server identity presented by the server certificate in https connections. This should be performed by default in https and in http/2.", "aliases": [ { "alias": "CVE-2022-4492" }, { "alias": "GHSA-pfcc-3g6r-8rg8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941811?format=api", "purl": "pkg:deb/debian/undertow@2.3.8-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.8-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941790?format=api", "purl": "pkg:deb/debian/undertow@2.3.20-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/56062?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.2.24.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-2cv5-9v62-kfbm" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-xme8-usmd-vqg3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.2.24.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/56061?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.3.5.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-2cv5-9v62-kfbm" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-xme8-usmd-vqg3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.5.Final" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59957?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4v1f-kt5y-w7d1" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-xftw-raz7-b7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/93738?format=api", "purl": "pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93741?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93562?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93569?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93730?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93575?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93581?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93576?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93571?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93747?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93563?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93727?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93570?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93756?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93567?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96952?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96947?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96951?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96954?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96948?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96953?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-knw5-d2nn-vyhq" }, { "vulnerability": "VCID-usz2-tufg-k7gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93722?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93560?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93720?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93564?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-469b-j213-6ufk" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-7yc7-e35f-8uhj" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-93ut-2de3-ckc5" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-usz2-tufg-k7gz" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/93718?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93746?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93731?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/93729?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-62gn-nwup-8uat" }, { "vulnerability": "VCID-6ssa-j1q1-c3cs" }, { "vulnerability": "VCID-8p4t-8f51-h3dc" }, { "vulnerability": "VCID-9p6a-t8zz-jkfd" }, { "vulnerability": "VCID-9v3p-qkzz-ukgg" }, { "vulnerability": "VCID-beaj-uk9m-17be" }, { "vulnerability": "VCID-gkzd-prsr-gqc8" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-mapy-1mup-wfgx" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-vdv3-7dwp-suab" }, { "vulnerability": "VCID-xyc4-63ra-mfh2" }, { "vulnerability": "VCID-ysp6-t713-ffgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/97151?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5q-x177-uyat" }, { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-etyq-9yys-tkdf" }, { "vulnerability": "VCID-fb8u-g65k-hffs" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-sqsn-ygsg-yfdu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/97150?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5q-x177-uyat" }, { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-etyq-9yys-tkdf" }, { "vulnerability": "VCID-fb8u-g65k-hffs" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-sqsn-ygsg-yfdu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el7sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/97152?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5q-x177-uyat" }, { "vulnerability": "VCID-4s4f-emvn-9bhh" }, { "vulnerability": "VCID-etyq-9yys-tkdf" }, { "vulnerability": "VCID-fb8u-g65k-hffs" }, { "vulnerability": "VCID-jz3d-vvfb-jfbw" }, { "vulnerability": "VCID-qruf-r6dc-3ugj" }, { "vulnerability": "VCID-sqsn-ygsg-yfdu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el9sso" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36251", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.3624", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36256", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36213", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36237", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36274", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36333", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36201", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260" }, { "reference_url": "https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1447" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1457", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1457" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342" }, { "reference_url": "https://issues.redhat.com/browse/MTA-93", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.redhat.com/browse/MTA-93" }, { "reference_url": "https://issues.redhat.com/browse/UNDERTOW-2212", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.redhat.com/browse/UNDERTOW-2212" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230324-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230324-0002" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087", "reference_id": "1032087", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-4492", "reference_id": "CVE-2022-4492", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-4492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492", "reference_id": "CVE-2022-4492", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492" }, { "reference_url": "https://github.com/advisories/GHSA-pfcc-3g6r-8rg8", "reference_id": "GHSA-pfcc-3g6r-8rg8", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pfcc-3g6r-8rg8" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230324-0002/", "reference_id": "ntap-20230324-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230324-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2100", "reference_id": "RHSA-2023:2100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2705", "reference_id": "RHSA-2023:2705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2706", "reference_id": "RHSA-2023:2706", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2706" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2707", "reference_id": "RHSA-2023:2707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2710", "reference_id": "RHSA-2023:2710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2713", "reference_id": "RHSA-2023:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3813", "reference_id": "RHSA-2023:3813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4983", "reference_id": "RHSA-2023:4983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4983" } ], "weaknesses": [ { "cwe_id": 918, "name": "Server-Side Request Forgery (SSRF)", "description": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 550, "name": "Server-generated Error Message Containing Sensitive Information", "description": "Certain conditions, such as network failure, will cause a server error message to be displayed." } ], "exploits": [], "severity_range_score": "7.5 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3d-vvfb-jfbw" }