Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/43936?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43936?format=api", "vulnerability_id": "VCID-u3cg-2enp-4ba8", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nWildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.", "aliases": [ { "alias": "CVE-2018-10862" }, { "alias": "GHSA-w8r2-5j8x-x8j6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63156?format=api", "purl": "pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63155?format=api", "purl": "pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/147922?format=api", "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147977?format=api", "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147921?format=api", "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147927?format=api", "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-apache-cxf@3.1.16-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147979?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147982?format=api", "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147933?format=api", "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147934?format=api", "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147924?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147925?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147971?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147974?format=api", "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147969?format=api", "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147970?format=api", "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147953?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147955?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147985?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147987?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147941?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147942?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147988?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147989?format=api", "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147930?format=api", "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147948?format=api", "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147952?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147965?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147937?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147939?format=api", "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147963?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147964?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147972?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147975?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147956?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147958?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.3-4.GA_redhat_3.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147966?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147968?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147945?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147946?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147931?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147936?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147926?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147928?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147980?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147983?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147949?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147950?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-feh3-4nhp-cyf9" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147960?format=api", "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147961?format=api", "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wss4j@2.1.12-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147944?format=api", "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/147947?format=api", "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xml-security@2.0.10-1.redhat_1.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/147338?format=api", "purl": "pkg:rpm/redhat/rhvm-appliance@4.2-20180828.0?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1axs-e8x2-3udx" }, { "vulnerability": "VCID-4zav-auak-8qbu" }, { "vulnerability": "VCID-bfaf-hqw5-13fd" }, { "vulnerability": "VCID-jbuu-hpb4-3fa4" }, { "vulnerability": "VCID-k31z-bskx-uuc9" }, { "vulnerability": "VCID-u3cg-2enp-4ba8" }, { "vulnerability": "VCID-xdmu-mgga-xuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhvm-appliance@4.2-20180828.0%3Farch=el7" } ], "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2276", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2277", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2279", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2279" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2423", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2424", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2425", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2428", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2643", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0877" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10862.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53414", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10862", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10862" }, { "reference_url": "https://github.com/wildfly/wildfly-core/commit/40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/wildfly/wildfly-core/commit/40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb" }, { "reference_url": "https://snyk.io/research/zip-slip-vulnerability", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/research/zip-slip-vulnerability" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593527", "reference_id": "1593527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593527" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10862", "reference_id": "CVE-2018-10862", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10862" }, { "reference_url": "https://github.com/advisories/GHSA-w8r2-5j8x-x8j6", "reference_id": "GHSA-w8r2-5j8x-x8j6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w8r2-5j8x-x8j6" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2321", "reference_id": "RHSA-2020:2321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2562", "reference_id": "RHSA-2020:2562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2562" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 22, "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "4.0 - 7.6", "exploitability": "0.5", "weighted_severity": "6.8", "risk_score": 3.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3cg-2enp-4ba8" }