Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/55088?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55088?format=api", "vulnerability_id": "VCID-9nj7-fupw-vqaw", "summary": "Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton\n## Withdrawn Advisory\nThis advisory has been withdrawn because the vulnerability only affects the **Qpid Proton C library** and not `org.apache.qpid:proton-j`. This link has been maintained to preserve external references.\n\n## Original Description\n\nWhile investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic.", "aliases": [ { "alias": "CVE-2019-0223" }, { "alias": "GHSA-5h6x-m52p-23ph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937188?format=api", "purl": "pkg:deb/debian/qpid-proton@0.22.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.22.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058483?format=api", "purl": "pkg:deb/debian/qpid-proton@0.22.0-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.22.0-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/937185?format=api", "purl": "pkg:deb/debian/qpid-proton@0.22.0-5.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.22.0-5.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937183?format=api", "purl": "pkg:deb/debian/qpid-proton@0.37.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.37.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937187?format=api", "purl": "pkg:deb/debian/qpid-proton@0.37.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.37.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937186?format=api", "purl": "pkg:deb/debian/qpid-proton@0.37.0-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.37.0-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067618?format=api", "purl": "pkg:deb/debian/qpid-proton@0.37.0-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.37.0-8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/82267?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.27.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.27.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1058480?format=api", "purl": "pkg:deb/debian/qpid-proton@0.7-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.7-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058481?format=api", "purl": "pkg:deb/debian/qpid-proton@0.14.0-4~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.14.0-4~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1058482?format=api", "purl": "pkg:deb/debian/qpid-proton@0.14.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qpid-proton@0.14.0-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/178194?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/178195?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178196?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/178197?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/178198?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/178199?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xkf-evrx-pyau" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/31236?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/180661?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/180662?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180663?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/180664?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180665?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180666?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180667?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.17.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.17.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180668?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.18.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180669?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.19.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180670?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.20.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.20.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180671?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.21.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.21.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180672?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.22.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.22.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180673?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180674?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.24.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.24.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180675?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.25.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.25.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180676?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.26.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.26.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/180677?format=api", "purl": "pkg:maven/org.apache.qpid/proton-j@0.27.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-sbrt-43uu-6qgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/proton-j@0.27.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/106306?format=api", "purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2?arch=el8ar", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ansible-runner@1.3.4-2%3Farch=el8ar" }, { "url": "http://public2.vulnerablecode.io/api/packages/106284?format=api", "purl": "pkg:rpm/redhat/ansible-tower@3.5.2-1?arch=el8at", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ansible-tower@3.5.2-1%3Farch=el8at" }, { "url": "http://public2.vulnerablecode.io/api/packages/106275?format=api", "purl": "pkg:rpm/redhat/cfme@5.11.0.28-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme@5.11.0.28-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106269?format=api", "purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106252?format=api", "purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-appliance@5.11.0.28-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106256?format=api", "purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-gemset@5.11.0.28-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106281?format=api", "purl": "pkg:rpm/redhat/jsoncpp@1.7.7-1?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jsoncpp@1.7.7-1%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/106250?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106265?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106302?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106255?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106299?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106279?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106297?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106308?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106257?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106270?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106300?format=api", "purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106287?format=api", "purl": "pkg:rpm/redhat/prince@12.4-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/prince@12.4-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106291?format=api", "purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106264?format=api", "purl": "pkg:rpm/redhat/python-bambou@3.0.1-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-bambou@3.0.1-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106289?format=api", "purl": "pkg:rpm/redhat/python-colorama@0.4.1-1?arch=el8ost", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-colorama@0.4.1-1%3Farch=el8ost" }, { "url": "http://public2.vulnerablecode.io/api/packages/106292?format=api", "purl": "pkg:rpm/redhat/python-daemon@2.1.2-9?arch=el8ar", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-daemon@2.1.2-9%3Farch=el8ar" }, { "url": "http://public2.vulnerablecode.io/api/packages/106276?format=api", "purl": "pkg:rpm/redhat/python-funcsigs@1.0.2-3?arch=el8ost", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-funcsigs@1.0.2-3%3Farch=el8ost" }, { "url": "http://public2.vulnerablecode.io/api/packages/106305?format=api", "purl": "pkg:rpm/redhat/python-future@0.16.0-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-future@0.16.0-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/98710?format=api", "purl": "pkg:rpm/redhat/python-lockfile@1:0.11.0-8?arch=el8ar", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" }, { "vulnerability": "VCID-x63z-bjr8-j7d7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-lockfile@1:0.11.0-8%3Farch=el8ar" }, { "url": "http://public2.vulnerablecode.io/api/packages/106273?format=api", "purl": "pkg:rpm/redhat/python-mock@2.0.0-11?arch=el8ost", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-mock@2.0.0-11%3Farch=el8ost" }, { "url": "http://public2.vulnerablecode.io/api/packages/106303?format=api", "purl": "pkg:rpm/redhat/python-pbr@5.1.2-2?arch=el8ost", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pbr@5.1.2-2%3Farch=el8ost" }, { "url": "http://public2.vulnerablecode.io/api/packages/98603?format=api", "purl": "pkg:rpm/redhat/python-pexpect@4.6-2?arch=el8ar", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" }, { "vulnerability": "VCID-x63z-bjr8-j7d7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pexpect@4.6-2%3Farch=el8ar" }, { "url": "http://public2.vulnerablecode.io/api/packages/106266?format=api", "purl": "pkg:rpm/redhat/python-psutil@5.4.3-5?arch=el8ar", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-psutil@5.4.3-5%3Farch=el8ar" }, { "url": "http://public2.vulnerablecode.io/api/packages/106274?format=api", "purl": "pkg:rpm/redhat/python-pylxca@2.1.1-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pylxca@2.1.1-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106253?format=api", "purl": "pkg:rpm/redhat/python-requests-toolbelt@0.8.0-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-requests-toolbelt@0.8.0-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106272?format=api", "purl": "pkg:rpm/redhat/python-tabulate@0.8.2-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-tabulate@0.8.2-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106290?format=api", "purl": "pkg:rpm/redhat/python-vspk@5.3.2-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-vspk@5.3.2-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106260?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.9-22?arch=el5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.9-22%3Farch=el5" }, { "url": "http://public2.vulnerablecode.io/api/packages/106293?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.16.0-14?arch=el6sat", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.16.0-14%3Farch=el6sat" }, { "url": "http://public2.vulnerablecode.io/api/packages/106282?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.16.0-14?arch=el7sat", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.16.0-14%3Farch=el7sat" }, { "url": "http://public2.vulnerablecode.io/api/packages/106258?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.27.0-3?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.27.0-3%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/106259?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.27.0-3?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.27.0-3%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/106286?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.28.0-1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.28.0-1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/105726?format=api", "purl": "pkg:rpm/redhat/qpid-proton@0.28.0-1?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3af2-c1m7-3kdr" }, { "vulnerability": "VCID-3t8t-yt9b-1fce" }, { "vulnerability": "VCID-6fxc-s6ht-x7ht" }, { "vulnerability": "VCID-6wxf-ewtr-z3hb" }, { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-bsbd-bsbq-7qdk" }, { "vulnerability": "VCID-hmcs-7s53-mbft" }, { "vulnerability": "VCID-nmya-eyxd-9ybe" }, { "vulnerability": "VCID-sw69-1r7d-kkht" }, { "vulnerability": "VCID-zx5n-czhy-6qgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qpid-proton@0.28.0-1%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/106267?format=api", "purl": "pkg:rpm/redhat/repmgr10@4.0.6-3?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/repmgr10@4.0.6-3%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106295?format=api", "purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106254?format=api", "purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-byebug@11.0.1-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106277?format=api", "purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106283?format=api", "purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-ffi@1.9.25-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106288?format=api", "purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-hamlit@2.8.10-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106285?format=api", "purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106251?format=api", "purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106278?format=api", "purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106301?format=api", "purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-nio4r@2.4.0-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106263?format=api", "purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106309?format=api", "purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106304?format=api", "purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-puma@3.7.1-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106298?format=api", "purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106310?format=api", "purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-rugged@0.28.2-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106261?format=api", "purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-sassc@2.0.1-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106262?format=api", "purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106294?format=api", "purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106268?format=api", "purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106280?format=api", "purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106271?format=api", "purl": "pkg:rpm/redhat/smem@1.4-1?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/smem@1.4-1%3Farch=el8cf" }, { "url": "http://public2.vulnerablecode.io/api/packages/106307?format=api", "purl": "pkg:rpm/redhat/v2v-conversion-host@1.14.2-1?arch=el8ev", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/v2v-conversion-host@1.14.2-1%3Farch=el8ev" }, { "url": "http://public2.vulnerablecode.io/api/packages/106296?format=api", "purl": "pkg:rpm/redhat/wmi@1.3.14-8?arch=el8cf", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nj7-fupw-vqaw" }, { "vulnerability": "VCID-eh2s-9hss-yken" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wmi@1.3.14-8%3Farch=el8cf" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0223.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0223.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60719", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.6068", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60713", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.6067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60691", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60541", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60615", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60645", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60616", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60664", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0223" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "reference_url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f@%3Cusers.qpid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f@%3Cusers.qpid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5@%3Cdev.qpid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5@%3Cdev.qpid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b@%3Cdev.qpid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b@%3Cdev.qpid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0@%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0@%3Cannounce.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/04/23/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "reference_url": "http://www.securityfocus.com/bid/108044", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/108044" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702439", "reference_id": "1702439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702439" }, { "reference_url": "https://github.com/advisories/GHSA-5h6x-m52p-23ph", "reference_id": "GHSA-5h6x-m52p-23ph", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5h6x-m52p-23ph" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0886", "reference_id": "RHSA-2019:0886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1398", "reference_id": "RHSA-2019:1398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1399", "reference_id": "RHSA-2019:1399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1400", "reference_id": "RHSA-2019:1400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2777", "reference_id": "RHSA-2019:2777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2778", "reference_id": "RHSA-2019:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2779", "reference_id": "RHSA-2019:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2780", "reference_id": "RHSA-2019:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2781", "reference_id": "RHSA-2019:2781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2782", "reference_id": "RHSA-2019:2782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2782" } ], "weaknesses": [ { "cwe_id": 295, "name": "Improper Certificate Validation", "description": "The product does not validate, or incorrectly validates, a certificate." }, { "cwe_id": 358, "name": "Improperly Implemented Security Check for Standard", "description": "The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique." }, { "cwe_id": 300, "name": "Channel Accessible by Non-Endpoint", "description": "The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nj7-fupw-vqaw" }