Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/5286?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5286?format=api", "vulnerability_id": "VCID-qdvm-a9f2-quch", "summary": "certificate verification bypass", "aliases": [ { "alias": "CVE-2014-3577" }, { "alias": "GHSA-cfh5-3ghh-wfjx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/3005?format=api", "purl": "pkg:alpm/archlinux/jenkins@2.315-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jenkins@2.315-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/172293?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/172290?format=api", "purl": "pkg:deb/debian/commons-httpclient@3.1-16?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-16%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/180522?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.3.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.3.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/180517?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.5.13-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.13-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/180515?format=api", "purl": "pkg:deb/debian/httpcomponents-client@4.5.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/55723?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.5" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/3004?format=api", "purl": "pkg:alpm/archlinux/jenkins@2.314-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-h8rq-bvnw-m3hh" }, { "vulnerability": "VCID-qdvm-a9f2-quch" }, { "vulnerability": "VCID-tt8h-gtaf-gfha" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jenkins@2.314-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124577?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124578?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124579?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/124571?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124572?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124573?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3" }, { "url": "http://public2.vulnerablecode.io/api/packages/124574?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4" }, { "url": "http://public2.vulnerablecode.io/api/packages/124575?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124576?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124583?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124584?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124585?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124586?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/124580?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124581?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124582?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124589?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124590?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124591?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124592?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/124593?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/124594?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/124587?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124588?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124598?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124599?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/124600?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/124595?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124596?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/124597?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/61337?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-bw71-k5ar-5yf5" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55712?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/61527?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-muzj-qpj2-yfce" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/61528?format=api", "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gjc-zk6t-6ffr" }, { "vulnerability": "VCID-qdvm-a9f2-quch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.1" } ], "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html" }, { "reference_url": "http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1146.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1146.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1166.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1166.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1833.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1833.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1834.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1834.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1835.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1836.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1836.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1891.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1891.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1892.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1892.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0158.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0158.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1931.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1931.html" }, { "reference_url": "https://access.redhat.com/solutions/1165533", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/solutions/1165533" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80514", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3577" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Aug/48", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2014/Aug/48" }, { "reference_url": "http://secunia.com/advisories/60466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60466" }, { "reference_url": "http://secunia.com/advisories/60589", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60589" }, { "reference_url": "http://secunia.com/advisories/60713", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60713" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95327", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95327" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/httpcomponents-client", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/httpcomponents-client" }, { "reference_url": "https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0003" }, { "reference_url": "https://svn.apache.org/viewvc?view=revision&revision=1614064", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?view=revision&revision=1614064" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/10/06/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/10/06/1" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.osvdb.org/110143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/110143" }, { "reference_url": "http://www.securityfocus.com/bid/69258", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69258" }, { "reference_url": "http://www.securitytracker.com/id/1030812", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030812" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2769-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2769-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086", "reference_id": "758086", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086" }, { "reference_url": "https://security.archlinux.org/AVG-2448", "reference_id": "AVG-2448", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2448" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3577", "reference_id": "CVE-2014-3577", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3577" }, { "reference_url": "https://github.com/advisories/GHSA-cfh5-3ghh-wfjx", "reference_id": "GHSA-cfh5-3ghh-wfjx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cfh5-3ghh-wfjx" }, { "reference_url": "https://usn.ubuntu.com/2769-1/", "reference_id": "USN-2769-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2769-1/" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 347, "name": "Improper Verification of Cryptographic Signature", "description": "The product does not verify, or incorrectly verifies, the cryptographic signature for data." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdvm-a9f2-quch" }