Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/40032?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40032?format=api", "vulnerability_id": "VCID-bfaf-hqw5-13fd", "summary": "Improper Handling of Exceptional Conditions\nIt is possible to configure Apache CXF to use the `com.sun.net.ssl` implementation via `System.setProperty`. When this system property is set, CXF uses some reflection to try to make the `HostnameVerifier` work with the old `com.sun.net.ssl.HostnameVerifier` interface. However, the default `HostnameVerifier` implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the `com.sun.net.ssl` stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.", "aliases": [ { "alias": "CVE-2018-8039" }, { "alias": "GHSA-jc7r-v6fg-2gpf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56867?format=api", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.1.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/apache-cxf@3.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/56866?format=api", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/apache-cxf@3.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55994?format=api", "purl": "pkg:maven/org.apache.cxf/cxf@3.1.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/55995?format=api", "purl": "pkg:maven/org.apache.cxf/cxf@3.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55998?format=api", "purl": "pkg:maven/org.apache.cxf/cxf-core@3.1.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/55999?format=api", "purl": "pkg:maven/org.apache.cxf/cxf-core@3.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/56897?format=api", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.1.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/56896?format=api", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.2.5" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55993?format=api", "purl": "pkg:maven/org.apache.cxf/cxf@3.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf@3.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55997?format=api", "purl": "pkg:maven/org.apache.cxf/cxf-core@3.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3g9n-mxg9-gqd4" }, { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-dfn3-d9ff-r7hz" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-core@3.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/147922?format=api", "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147977?format=api", "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147921?format=api", "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147927?format=api", "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147979?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147982?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147933?format=api", "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147934?format=api", "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147924?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147925?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147971?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147974?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147969?format=api", "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147970?format=api", "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147953?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147955?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147985?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147987?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147941?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147942?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147988?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147989?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147930?format=api", "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147948?format=api", "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147952?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147965?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147937?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147939?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147963?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147964?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147972?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147975?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147956?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147958?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147966?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147968?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147945?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147946?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147931?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147936?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147926?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147928?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147980?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147983?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147949?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147950?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147960?format=api", "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147961?format=api", "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147944?format=api", "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147947?format=api", "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147338?format=api", "purl": "pkg:rpm/redhat/rhvm-appliance@4.2-20180828.0?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1axs-e8x2-3udx" }, { "vulnerability": "VCID-4zav-auak-8qbu" }, { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" }, { "vulnerability": "VCID-xdmu-mgga-xuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhvm-appliance@4.2-20180828.0%3Farch=el7" } ], "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2276", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2277", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2279", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2279" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2423", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2424", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2425", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2428", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2643", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3768", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3817", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3817" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02899", "scoring_system": "epss", "scoring_elements": "0.86615", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8039" }, { "reference_url": "https://github.com/apache/cxf", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/cxf" }, { "reference_url": "https://github.com/apache/cxf/commit/8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/cxf/commit/8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4" }, { "reference_url": "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741" }, { "reference_url": "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741b" }, { "reference_url": "https://lists.apache.org/thread.html/1f8ff31df204ad0374ab26ad333169e0387a5e7ec92422f337431866@%3Cdev.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/1f8ff31df204ad0374ab26ad333169e0387a5e7ec92422f337431866@%3Cdev.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106357" }, { "reference_url": "http://www.securitytracker.com/id/1041199", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1041199" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595332", "reference_id": "1595332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595332" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8039", "reference_id": "CVE-2018-8039", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8039" }, { "reference_url": "https://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc", "reference_id": "CVE-2018-8039.TXT.ASC", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc" }, { "reference_url": "https://github.com/advisories/GHSA-jc7r-v6fg-2gpf", "reference_id": "GHSA-jc7r-v6fg-2gpf", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jc7r-v6fg-2gpf" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 755, "name": "Improper Handling of Exceptional Conditions", "description": "The product does not handle or incorrectly handles an exceptional condition." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 248, "name": "Uncaught Exception", "description": "An exception is thrown from a function, but it is not caught." } ], "exploits": [], "severity_range_score": "6.5 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfaf-hqw5-13fd" }