Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/72133?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72133?format=api", "vulnerability_id": "VCID-5kns-j1rv-9ybf", "summary": "The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.", "aliases": [ { "alias": "CVE-2021-42392" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516158?format=api", "purl": "pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-sw4g-uf26-m3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/98248?format=api", "purl": "pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/909384?format=api", "purl": "pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/98250?format=api", "purl": "pkg:deb/debian/h2database@2.1.210-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.210-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98246?format=api", "purl": "pkg:deb/debian/h2database@2.1.214-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.214-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98249?format=api", "purl": "pkg:deb/debian/h2database@2.2.220-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.2.220-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516157?format=api", "purl": "pkg:deb/debian/h2database@1.4.193-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-sw4g-uf26-m3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.193-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/516158?format=api", "purl": "pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-sw4g-uf26-m3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/134429?format=api", "purl": "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-sw4g-uf26-m3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/134431?format=api", "purl": "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-sw4g-uf26-m3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126411?format=api", "purl": "pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126418?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126421?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126420?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126423?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126412?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126415?format=api", "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-az78-umjq-z3bc" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-yywj-jh4h-qbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126422?format=api", "purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" }, { "vulnerability": "VCID-yywj-jh4h-qbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126426?format=api", "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126413?format=api", "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-az78-umjq-z3bc" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-yywj-jh4h-qbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126424?format=api", "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-az78-umjq-z3bc" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/126417?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8n99-buv5-wkes" }, { "vulnerability": "VCID-d2hp-jmtk-kfb9" }, { "vulnerability": "VCID-e9hn-47hj-jbbc" }, { "vulnerability": "VCID-hm4x-n9xk-ckes" }, { "vulnerability": "VCID-m99z-sjft-8fbs" }, { "vulnerability": "VCID-nbdw-rgrx-bkeb" }, { "vulnerability": "VCID-r4xe-h69g-vfhk" }, { "vulnerability": "VCID-uumb-j4ue-fbfe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/130639?format=api", "purl": "pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dxq-vw4d-jfhq" }, { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-c4ms-cx82-n7bm" }, { "vulnerability": "VCID-r9dc-6tk9-qkeh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-5%3Farch=el9sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130644?format=api", "purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dxq-vw4d-jfhq" }, { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-c4ms-cx82-n7bm" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7%3Farch=el9sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130640?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-kfxs-f5j7-mfhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el7sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130643?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-kfxs-f5j7-mfhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130638?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dxq-vw4d-jfhq" }, { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-c4ms-cx82-n7bm" }, { "vulnerability": "VCID-r9dc-6tk9-qkeh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el9sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130641?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dxq-vw4d-jfhq" }, { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-c4ms-cx82-n7bm" }, { "vulnerability": "VCID-r9dc-6tk9-qkeh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/130642?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dxq-vw4d-jfhq" }, { "vulnerability": "VCID-5kns-j1rv-9ybf" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8sqn-nkzx-euec" }, { "vulnerability": "VCID-8ze1-r95u-xbg8" }, { "vulnerability": "VCID-9evr-uk2w-ayg6" }, { "vulnerability": "VCID-ag7u-zdts-2qb1" }, { "vulnerability": "VCID-apmf-stq4-8udt" }, { "vulnerability": "VCID-c4ms-cx82-n7bm" }, { "vulnerability": "VCID-r9dc-6tk9-qkeh" }, { "vulnerability": "VCID-tqvr-tetp-8ugb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el7sso" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-42392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90592", "scoring_system": "epss", "scoring_elements": "0.99632", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.90592", "scoring_system": "epss", "scoring_elements": "0.99633", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-42392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894", "reference_id": "1003894", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039403", "reference_id": "2039403", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1013", "reference_id": "RHSA-2022:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6782", "reference_id": "RHSA-2022:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6783", "reference_id": "RHSA-2022:6783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6787", "reference_id": "RHSA-2022:6787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7409", "reference_id": "RHSA-2022:7409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7410", "reference_id": "RHSA-2022:7410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7411", "reference_id": "RHSA-2022:7411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7417", "reference_id": "RHSA-2022:7417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1747", "reference_id": "RHSA-2025:1747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1747" }, { "reference_url": "https://usn.ubuntu.com/5365-1/", "reference_id": "USN-5365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5365-1/" }, { "reference_url": "https://usn.ubuntu.com/6834-1/", "reference_id": "USN-6834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6834-1/" } ], "weaknesses": [ { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." } ], "exploits": [], "severity_range_score": "9.8 - 9.8", "exploitability": "2.0", "weighted_severity": "8.8", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kns-j1rv-9ybf" }