Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/4980?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4980?format=api", "vulnerability_id": "VCID-3ur6-9s61-13a3", "summary": "http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.", "aliases": [ { "alias": "CVE-2015-5262" }, { "alias": "GHSA-fmj5-wv96-r2ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585990?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1057332?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-12" }, { "url": "http://public2.vulnerablecode.io/api/packages/582929?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-16?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-16%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925048?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.3.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.3.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038412?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.5.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/925045?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.5.13-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.13-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925043?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.5.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31824?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.6" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051585?format=api", "purl": "pkg:deb/debian/commons-httpclient@2.0a1%2B20020904-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@2.0a1%252B20020904-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051586?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.0.1-0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.0.1-0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051587?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051588?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051589?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-9%2Bdeb6u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-9%252Bdeb6u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051590?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-10.2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-10.2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054554?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ur6-9s61-13a3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1057331?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-11%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ur6-9s61-13a3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-11%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038409?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.0.1-1squeeze1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2phd-tw5c-xbdb" }, { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.0.1-1squeeze1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038410?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.1.1-2%2Bdeb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2phd-tw5c-xbdb" }, { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.1.1-2%252Bdeb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038411?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.3.5-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.3.5-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178755?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178756?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178757?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3" }, { "url": "http://public2.vulnerablecode.io/api/packages/178758?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4" }, { "url": "http://public2.vulnerablecode.io/api/packages/178759?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178760?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-m27v-7mbm-nffc" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/51914?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/178761?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178762?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178763?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/178764?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178765?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178766?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178767?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" }, { "vulnerability": "VCID-qyy2-d6f6-gbaq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/82159?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178768?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178769?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/178770?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178771?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178772?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178773?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178774?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-da65-c1ce-v7f5" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/31915?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/178775?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/178776?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/178777?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/178778?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178779?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178780?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/52905?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2phd-tw5c-xbdb" }, { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/52906?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178781?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/178782?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/178783?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3bxq-vmjj-kqfe" }, { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31963?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ur6-9s61-13a3" }, { "vulnerability": "VCID-mrdq-9pb2-3qb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.5" } ], "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5262.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5262.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5262", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75897", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75911", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.81858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.81813", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.8182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.81839", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.81827", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.81821", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5262" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/httpcomponents-client/commit/09027e7286974bf6b61f4106395da2623121db8d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpcomponents-client/commit/09027e7286974bf6b61f4106395da2623121db8d" }, { "reference_url": "https://github.com/apache/httpcomponents-client/commit/6705924879810f617a7a21d34f16b6c0d61e8d34", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpcomponents-client/commit/6705924879810f617a7a21d34f16b6c0d61e8d34" }, { "reference_url": "https://github.com/apache/httpcomponents-client/commit/d954cd287dfcdad8f153e61181e20d253175ca8c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpcomponents-client/commit/d954cd287dfcdad8f153e61181e20d253175ca8c" }, { "reference_url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478" }, { "reference_url": "https://jenkins.io/security/advisory/2018-02-26", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jenkins.io/security/advisory/2018-02-26" }, { "reference_url": "https://jenkins.io/security/advisory/2018-02-26/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jenkins.io/security/advisory/2018-02-26/" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1626784", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://svn.apache.org/viewvc?view=revision&revision=1626784" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.securitytracker.com/id/1033743", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1033743" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2769-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2769-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650", "reference_id": "798650", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5262", "reference_id": "CVE-2015-5262", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5262" }, { "reference_url": "https://github.com/advisories/GHSA-fmj5-wv96-r2ch", "reference_id": "GHSA-fmj5-wv96-r2ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fmj5-wv96-r2ch" }, { "reference_url": "https://usn.ubuntu.com/2769-1/", "reference_id": "USN-2769-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2769-1/" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 399, "name": "Resource Management Errors", "description": "Weaknesses in this category are related to improper management of system resources." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 770, "name": "Allocation of Resources Without Limits or Throttling", "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor." } ], "exploits": [], "severity_range_score": "4.0 - 7.5", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ur6-9s61-13a3" }