Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/44516?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44516?format=api", "vulnerability_id": "VCID-6y93-ewt4-5kaz", "summary": "Undertow client not checking server identity presented by server certificate in https connections\nThe undertow client is not checking the server identity presented by the server certificate in https connections. This should be performed by default in https and in http/2.", "aliases": [ { "alias": "CVE-2022-4492" }, { "alias": "GHSA-pfcc-3g6r-8rg8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/133426?format=api", "purl": "pkg:deb/debian/undertow@2.3.8-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.8-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/133397?format=api", "purl": "pkg:deb/debian/undertow@2.3.20-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/64048?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.2.24.Final", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.2.24.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/64047?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.3.5.Final", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.5.Final" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/112423?format=api", "purl": "pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112426?format=api", "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112219?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112229?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112415?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112235?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112242?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112237?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112231?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112432?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112221?format=api", "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112412?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112230?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112442?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112227?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123804?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123811?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123812?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123807?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123814?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/123815?format=api", "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-jgsv-x4x2-4qcq" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112407?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112217?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112405?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112222?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-52hy-69kb-byee" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-cf4e-n3d4-x7fq" }, { "vulnerability": "VCID-ewgw-1sk9-dqhe" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" }, { "vulnerability": "VCID-vb58-6kfn-7uaj" }, { "vulnerability": "VCID-wz1m-11gx-cfd2" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/112403?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112431?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112416?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/112414?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-82qv-6yrp-5ygb" }, { "vulnerability": "VCID-87dy-43px-e7gv" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8p1w-3us1-u7bk" }, { "vulnerability": "VCID-eqg4-bpsp-8khx" }, { "vulnerability": "VCID-fmhu-72zm-wucj" }, { "vulnerability": "VCID-fp7h-pcay-kfgj" }, { "vulnerability": "VCID-n3fq-7exc-qyan" }, { "vulnerability": "VCID-pxfj-dhfr-akhm" }, { "vulnerability": "VCID-r2k1-7y3z-77hh" }, { "vulnerability": "VCID-rm89-cg9k-m7hg" }, { "vulnerability": "VCID-xdbp-1ctt-zbg3" }, { "vulnerability": "VCID-zfjn-asm3-4kfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/125307?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ze5-kgsj-3qgz" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ka7b-vp4z-d7bu" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-rrbs-ykk5-fbdw" }, { "vulnerability": "VCID-xyw8-4aka-5fde" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/125311?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ze5-kgsj-3qgz" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ka7b-vp4z-d7bu" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-rrbs-ykk5-fbdw" }, { "vulnerability": "VCID-xyw8-4aka-5fde" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el9sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/125302?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ze5-kgsj-3qgz" }, { "vulnerability": "VCID-6y93-ewt4-5kaz" }, { "vulnerability": "VCID-ka7b-vp4z-d7bu" }, { "vulnerability": "VCID-ntgs-gu5v-wygw" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-rrbs-ykk5-fbdw" }, { "vulnerability": "VCID-xyw8-4aka-5fde" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el7sso" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35906", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260" }, { "reference_url": "https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1447" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1457", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1457" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342" }, { "reference_url": "https://issues.redhat.com/browse/MTA-93", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.redhat.com/browse/MTA-93" }, { "reference_url": "https://issues.redhat.com/browse/UNDERTOW-2212", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.redhat.com/browse/UNDERTOW-2212" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230324-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230324-0002" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087", "reference_id": "1032087", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-4492", "reference_id": "CVE-2022-4492", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-4492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492", "reference_id": "CVE-2022-4492", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492" }, { "reference_url": "https://github.com/advisories/GHSA-pfcc-3g6r-8rg8", "reference_id": "GHSA-pfcc-3g6r-8rg8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pfcc-3g6r-8rg8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2100", "reference_id": "RHSA-2023:2100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2705", "reference_id": "RHSA-2023:2705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2706", "reference_id": "RHSA-2023:2706", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2706" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2707", "reference_id": "RHSA-2023:2707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2710", "reference_id": "RHSA-2023:2710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2713", "reference_id": "RHSA-2023:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3813", "reference_id": "RHSA-2023:3813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4983", "reference_id": "RHSA-2023:4983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4983" } ], "weaknesses": [ { "cwe_id": 918, "name": "Server-Side Request Forgery (SSRF)", "description": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 550, "name": "Server-generated Error Message Containing Sensitive Information", "description": "Certain conditions, such as network failure, will cause a server error message to be displayed." } ], "exploits": [], "severity_range_score": "7.5 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6y93-ewt4-5kaz" }