VulnerableCode.io REST API

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/38666?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38666?format=api",
    "vulnerability_id": "VCID-hwy7-n4uz-ffa1",
    "summary": "Cross-site Scripting\nIt is possible for an attacker to take advantage of a user's trust in the server to trick them into visiting a link that points to a shared Spark cluster and submits data including MHTML to the Spark master, or history server. This data, which could contain a script, would then be reflected back to the user and could be evaluated and executed by MS Windows-based clients. It is not an attack on Spark itself, but on the user, who may then execute the script inadvertently when viewing elements of the Spark web UIs.",
    "aliases": [
        {
            "alias": "CVE-2017-7678"
        },
        {
            "alias": "GHSA-r34r-f84j-5x4x"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/56980?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.2.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.2.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/56979?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.1.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/53722?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.2.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.0"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228369?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@0.9.0-incubating",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@0.9.0-incubating"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228370?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@0.9.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@0.9.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228371?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@0.9.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@0.9.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/56987?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.0.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228372?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.0.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228373?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.0.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228374?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.1.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.1.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228375?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.1.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.1.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228376?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.2.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228377?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.2.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228378?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.2.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/63384?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.3.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-k96c-fsnj-sfbq"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.3.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228379?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.3.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.3.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228380?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.4.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.4.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228381?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.4.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.4.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228382?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.5.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228383?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.5.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228384?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.5.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228385?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.6.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228386?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.6.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228387?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.6.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228388?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@1.6.3",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228389?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.0.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228390?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.0.0-preview",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.0-preview"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228391?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.0.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228392?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.0.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/57583?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.1.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/228393?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.1.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/56996?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.1.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3gwu-myk4-ufdj"
                },
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/57584?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.10@2.1.3",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-k96c-fsnj-sfbq"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211365?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.2.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211366?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.2.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211367?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.2.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/63232?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.3.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-k96c-fsnj-sfbq"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.3.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211368?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.3.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.3.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211369?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.4.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.4.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211370?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.4.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.4.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211371?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.5.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211372?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.5.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211373?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.5.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211374?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.6.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211375?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.6.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211376?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.6.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211377?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@1.6.3",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211378?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.0.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211379?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.0.0-preview",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.0-preview"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211380?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.0.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/211381?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.0.2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/57578?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.1.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/53721?format=api",
            "purl": "pkg:maven/org.apache.spark/spark-core_2.11@2.1.1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-4r6t-jf6t-hkfu"
                },
                {
                    "vulnerability": "VCID-8fxy-5cvh-vfag"
                },
                {
                    "vulnerability": "VCID-hwy7-n4uz-ffa1"
                },
                {
                    "vulnerability": "VCID-hx6d-5966-dbgx"
                },
                {
                    "vulnerability": "VCID-ntyz-qt6e-vqf3"
                },
                {
                    "vulnerability": "VCID-zn7m-yme5-zufa"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.1"
        }
    ],
    "references": [
        {
            "reference_url": "http://apache-spark-developers-list.1001551.n3.nabble.com/CVE-2017-7678-Apache-Spark-XSS-web-UI-MHTML-vulnerability-td21947.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.1",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
                },
                {
                    "value": "MODERATE",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "http://apache-spark-developers-list.1001551.n3.nabble.com/CVE-2017-7678-Apache-Spark-XSS-web-UI-MHTML-vulnerability-td21947.html"
        },
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7678",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.01421",
                    "scoring_system": "epss",
                    "scoring_elements": "0.80941",
                    "published_at": "2026-06-04T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7678"
        },
        {
            "reference_url": "http://www.securityfocus.com/bid/99603",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.1",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
                },
                {
                    "value": "MODERATE",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "http://www.securityfocus.com/bid/99603"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7678",
            "reference_id": "CVE-2017-7678",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.1",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
                },
                {
                    "value": "MODERATE",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7678"
        },
        {
            "reference_url": "https://github.com/advisories/GHSA-r34r-f84j-5x4x",
            "reference_id": "GHSA-r34r-f84j-5x4x",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.1",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
                },
                {
                    "value": "MODERATE",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://github.com/advisories/GHSA-r34r-f84j-5x4x"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 1035,
            "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities",
            "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."
        },
        {
            "cwe_id": 79,
            "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
            "description": "The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users."
        },
        {
            "cwe_id": 937,
            "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities",
            "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."
        }
    ],
    "exploits": [],
    "severity_range_score": "4.0 - 6.9",
    "exploitability": "0.5",
    "weighted_severity": "6.2",
    "risk_score": 3.1,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hwy7-n4uz-ffa1"
}

Vulnerability Instance