Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/33557?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33557?format=api", "vulnerability_id": "VCID-mz9r-j78c-dfe3", "summary": "Improper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version 2.13.2. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.", "aliases": [ { "alias": "CVE-2020-9488" }, { "alias": "GHSA-vwqq-5vrc-xw9h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586266?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.13.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.13.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038195?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583999?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/584000?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.19.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42112?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42286?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/73344?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42879?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42585?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/73345?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038193?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.0~beta9-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.0~beta9-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038194?format=api", "purl": "pkg:deb/debian/apache-log4j2@2.7-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.7-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/76473?format=api", "purl": "pkg:ebuild/dev-java/log4j@1.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-dqfp-gmpg-fyh3" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/log4j@1.2.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/205202?format=api", "purl": "pkg:maven/log4j/log4j@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/198253?format=api", "purl": "pkg:maven/log4j/log4j@1.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/198254?format=api", "purl": "pkg:maven/log4j/log4j@1.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/198255?format=api", "purl": "pkg:maven/log4j/log4j@1.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/198256?format=api", "purl": "pkg:maven/log4j/log4j@1.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/198257?format=api", "purl": "pkg:maven/log4j/log4j@1.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/198258?format=api", "purl": "pkg:maven/log4j/log4j@1.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/198259?format=api", "purl": "pkg:maven/log4j/log4j@1.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/198260?format=api", "purl": "pkg:maven/log4j/log4j@1.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/198261?format=api", "purl": "pkg:maven/log4j/log4j@1.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/198262?format=api", "purl": "pkg:maven/log4j/log4j@1.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/198263?format=api", "purl": "pkg:maven/log4j/log4j@1.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/198264?format=api", "purl": "pkg:maven/log4j/log4j@1.2.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/43495?format=api", "purl": "pkg:maven/log4j/log4j@1.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vfk-arae-ubha" }, { "vulnerability": "VCID-698m-2hju-2qcv" }, { "vulnerability": "VCID-9k99-jzq8-fyge" }, { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-zbwq-f71w-jqhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@1.2.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/568964?format=api", "purl": "pkg:maven/log4j/log4j@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/log4j/log4j@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205180?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205181?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205182?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205183?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205184?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta3" }, { "url": "http://public2.vulnerablecode.io/api/packages/205185?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta4" }, { "url": "http://public2.vulnerablecode.io/api/packages/205186?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta5" }, { "url": "http://public2.vulnerablecode.io/api/packages/205187?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta6" }, { "url": "http://public2.vulnerablecode.io/api/packages/205188?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta7" }, { "url": "http://public2.vulnerablecode.io/api/packages/205189?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta8" }, { "url": "http://public2.vulnerablecode.io/api/packages/205190?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-beta9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-beta9" }, { "url": "http://public2.vulnerablecode.io/api/packages/205191?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205192?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbq3-tx7c-yucn" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0-rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24060?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/161111?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24061?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24062?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/161112?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/161113?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/42108?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42112?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42283?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/42109?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/24063?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24064?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/161114?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/161115?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24065?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24066?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/161116?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/24067?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24068?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205193?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205194?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205195?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205196?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205197?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205198?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205199?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205200?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42114?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42110?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205201?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j@2.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j@2.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205205?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hhc8-3wd3-4bh5" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205206?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205207?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205208?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205209?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta3" }, { "url": "http://public2.vulnerablecode.io/api/packages/205210?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta4" }, { "url": "http://public2.vulnerablecode.io/api/packages/205211?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta5" }, { "url": "http://public2.vulnerablecode.io/api/packages/205212?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta6" }, { "url": "http://public2.vulnerablecode.io/api/packages/42876?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7" }, { "url": "http://public2.vulnerablecode.io/api/packages/205213?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8" }, { "url": "http://public2.vulnerablecode.io/api/packages/67065?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9" }, { "url": "http://public2.vulnerablecode.io/api/packages/205214?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205215?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-khr7-6pza-afab" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/56413?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/198543?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/198544?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/198545?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/198546?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/198547?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/42059?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42879?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42877?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/142358?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/198548?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/198549?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/198550?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/198551?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/198552?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/198553?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/198554?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/198555?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-74dr-6hxt-tbgu" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/73011?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205216?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205217?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205218?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205219?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205220?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/205221?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/205222?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nzu-3a6y-jqab" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205223?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/42060?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/42878?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8977-tjss-w7ba" }, { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-jwav-88m7-6fhz" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" }, { "vulnerability": "VCID-sjuz-dd96-sqe3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/205224?format=api", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gcyx-fdns-k3bt" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-r67p-yqg2-9bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/102741?format=api", "purl": "pkg:rpm/redhat/nodejs-rhea@1.0.24-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-rhea@1.0.24-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/102752?format=api", "purl": "pkg:rpm/redhat/qpid-cpp@1.36.0-31?arch=el6_10amq", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-cpp@1.36.0-31%3Farch=el6_10amq" }, { "url": "http://public2.vulnerablecode.io/api/packages/102755?format=api", "purl": "pkg:rpm/redhat/qpid-cpp@1.36.0-31?arch=el7amq", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-cpp@1.36.0-31%3Farch=el7amq" }, { "url": "http://public2.vulnerablecode.io/api/packages/102759?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.32.0-1?arch=el6_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.32.0-1%3Farch=el6_10" }, { "url": "http://public2.vulnerablecode.io/api/packages/102748?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.32.0-2?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.32.0-2%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/102747?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.32.0-2?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bfp-5ub3-dqbr" }, { "vulnerability": "VCID-mz9r-j78c-dfe3" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-zea8-w4br-6qas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.32.0-2%3Farch=el7" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9488.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9488.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9488", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08288", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08412", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08439", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08351", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08428", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08321", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://issues.apache.org/jira/browse/LOG4J2-2819", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/LOG4J2-2819" }, { "reference_url": "https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48bcd06049c1779ef709564544c3d8a32ae6ee5c3b7281a606ac4463@%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48bcd06049c1779ef709564544c3d8a32ae6ee5c3b7281a606ac4463@%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3Ccommits.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3Ccommits.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4d5dc9f3520071338d9ebc26f9f158a43ae28a91923d176b550a807b@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4d5dc9f3520071338d9ebc26f9f158a43ae28a91923d176b550a807b@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4db540cafc5d7232c62e076051ef661d37d345015b2e59b3f81a932f@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4db540cafc5d7232c62e076051ef661d37d345015b2e59b3f81a932f@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4ed1f49616a8603832d378cb9d13e7a8b9b27972bb46d946ccd8491f@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4ed1f49616a8603832d378cb9d13e7a8b9b27972bb46d946ccd8491f@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5a68258e5ab12532dc179edae3d6e87037fa3b50ab9d63a90c432507@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5a68258e5ab12532dc179edae3d6e87037fa3b50ab9d63a90c432507@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r65578f3761a89bc164e8964acd5d913b9f8fd997967b195a89a97ca3@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r65578f3761a89bc164e8964acd5d913b9f8fd997967b195a89a97ca3@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7641ee788e1eb1be4bb206a7d15f8a64ec6ef23e5ec6132d5a567695@%3Cnotifications.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7641ee788e1eb1be4bb206a7d15f8a64ec6ef23e5ec6132d5a567695@%3Cnotifications.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e739f2961753af95e2a3a637828fb88bfca68e5d6b0221d483a9ee5@%3Cnotifications.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7e739f2961753af95e2a3a637828fb88bfca68e5d6b0221d483a9ee5@%3Cnotifications.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c001b9a95c0bbec06f4457721edd94935a55932e64b82cc5582b846@%3Cissues.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c001b9a95c0bbec06f4457721edd94935a55932e64b82cc5582b846@%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9776e71e3c67c5d13a91c1eba0dc025b48b802eb7561cc6956d6961c@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9776e71e3c67c5d13a91c1eba0dc025b48b802eb7561cc6956d6961c@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9a79175c393d14d760a0ae3731b4a873230a16ef321aa9ca48a810cd@%3Cissues.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9a79175c393d14d760a0ae3731b4a873230a16ef321aa9ca48a810cd@%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra051e07a0eea4943fa104247e69596f094951f51512d42c924e86c75@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra051e07a0eea4943fa104247e69596f094951f51512d42c924e86c75@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra632b329b2ae2324fabbad5da204c4ec2e171ff60348ec4ba698fd40@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra632b329b2ae2324fabbad5da204c4ec2e171ff60348ec4ba698fd40@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3Ccommits.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3Ccommits.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc6b81c013618d1de1b5d6b8c1088aaf87b4bacc10c2371f15a566701@%3Cnotifications.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc6b81c013618d1de1b5d6b8c1088aaf87b4bacc10c2371f15a566701@%3Cnotifications.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd55f65c6822ff235eda435d31488cfbb9aa7055cdf47481ebee777cc@%3Cissues.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd55f65c6822ff235eda435d31488cfbb9aa7055cdf47481ebee777cc@%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd8e87c4d69df335d0ba7d815b63be8bd8a6352f429765c52eb07ddac@%3Cissues.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd8e87c4d69df335d0ba7d815b63be8bd8a6352f429765c52eb07ddac@%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re024d86dffa72ad800f2848d0c77ed93f0b78ee808350b477a6ed987@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re024d86dffa72ad800f2848d0c77ed93f0b78ee808350b477a6ed987@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3Ccommits.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3Ccommits.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1c2a81a08034c688b8f15cf58a4cfab322d00002ca46d20133bee20@%3Cdev.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1c2a81a08034c688b8f15cf58a4cfab322d00002ca46d20133bee20@%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200504-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200504-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200504-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200504-0003/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5020", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-5020" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139", "reference_id": "1831139", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959450", "reference_id": "959450", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959450" }, { "reference_url": "https://github.com/advisories/GHSA-vwqq-5vrc-xw9h", "reference_id": "GHSA-vwqq-5vrc-xw9h", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vwqq-5vrc-xw9h" }, { "reference_url": "https://security.gentoo.org/glsa/202402-16", "reference_id": "GLSA-202402-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2391", "reference_id": "RHSA-2020:2391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3626", "reference_id": "RHSA-2020:3626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3779", "reference_id": "RHSA-2020:3779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0603", "reference_id": "RHSA-2021:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1044", "reference_id": "RHSA-2021:1044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0497", "reference_id": "RHSA-2022:0497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0507", "reference_id": "RHSA-2022:0507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0507" } ], "weaknesses": [ { "cwe_id": 295, "name": "Improper Certificate Validation", "description": "The product does not validate, or incorrectly validates, a certificate." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "0.1 - 3.7", "exploitability": "0.5", "weighted_severity": "3.3", "risk_score": 1.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mz9r-j78c-dfe3" }