Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/80936?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80936?format=api", "vulnerability_id": "VCID-ptk1-n6zn-9bbn", "summary": "Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous expressions in some specific sandboxed (restricted) contexts, it fails to properly neutralize specific constructs that allow this kind of expressions to be executed. If an application developer passes to the template engine unsanitized variables that contain such expressions, and these values are used in sandboxed contexts inside the templates, these expressions can be executed achieving Server-Side Template Injection (SSTI). This vulnerability is fixed in 3.1.5.RELEASE.", "aliases": [ { "alias": "CVE-2026-41901" }, { "alias": "GHSA-c9ph-gxww-7744" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/375353?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.5.RELEASE", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.5.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/375354?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.5.RELEASE", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.5.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/375355?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.5.RELEASE", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.5.RELEASE" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1008021?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@m1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@m1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008022?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008023?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008024?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008025?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008026?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0-beta5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008027?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008028?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008029?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008030?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008031?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008032?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008033?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008034?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@1.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@1.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008035?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008036?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008037?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008038?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008039?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008040?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008041?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008042?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008043?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008044?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008045?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008046?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008047?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008048?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008049?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008050?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008051?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008052?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008053?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008054?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008055?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008056?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008057?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008058?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.0.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.0.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008059?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008060?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008061?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008062?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008063?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0-m3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008064?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.0.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.0.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008065?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.1.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.1.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008066?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.2.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.2.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008067?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.3.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.3.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008068?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.4.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.4.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008069?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.5.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.5.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008070?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@2.1.6.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@2.1.6.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008071?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA01", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA01" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008072?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA02", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA02" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008073?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA03", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.ALPHA03" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008074?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA01", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA01" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008075?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA02", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA02" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008076?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA03", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.BETA03" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008077?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.0.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.0.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008078?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.1.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.1.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008079?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.2.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.2.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008080?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.3.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.3.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008081?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.4.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.4.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008082?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.5.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.5.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008083?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.6.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.6.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008084?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.7.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.7.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008085?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.8.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.8.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008086?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.9.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.9.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008087?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.10.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.10.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008088?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.11.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.11.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008089?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.12.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.12.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008090?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.13.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.13.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008091?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.14.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.14.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008092?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.0.15.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.0.15.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008093?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008094?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008095?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008096?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008097?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RC2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RC2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008098?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.0.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008099?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.1.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.1.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008100?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.2.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008101?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/373326?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf@3.1.4.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf@3.1.4.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639290?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.3.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.3.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/639291?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.4.M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.4.M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/639292?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.5.M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.5.M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/639293?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.6.M4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.6.M4" }, { "url": "http://public2.vulnerablecode.io/api/packages/639294?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.7.RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.7.RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/639295?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.8.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.8.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639296?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.9.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.9.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639297?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.10.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.10.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639298?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.11.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.11.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/17994?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.12.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2hyy-acxm-1bam" }, { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.12.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/17995?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.13.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.13.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639299?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.14.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.14.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639300?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.15.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.0.15.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639301?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/639302?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/639303?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/639304?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/639305?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RC2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RC2" }, { "url": "http://public2.vulnerablecode.io/api/packages/639306?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-9rm9-dd2r-ayat" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.0.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/639307?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.1.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.1.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/393919?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.2.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.2.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008263?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.3.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.3.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/373327?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.4.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring5@3.1.4.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008006?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008007?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008008?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008009?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008010?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RC2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RC2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008011?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.0.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008012?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.1.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.1.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008013?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.2.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.2.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/1008014?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.3.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3r8s-er6d-zqh7" }, { "vulnerability": "VCID-jypn-wmp5-y7dm" }, { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.3.RELEASE" }, { "url": "http://public2.vulnerablecode.io/api/packages/373328?format=api", "purl": "pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.4.RELEASE", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ptk1-n6zn-9bbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.thymeleaf/thymeleaf-spring6@3.1.4.RELEASE" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27842", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28041", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29713", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29698", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41901" }, { "reference_url": "https://github.com/thymeleaf/thymeleaf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/thymeleaf/thymeleaf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41901", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41901" }, { "reference_url": "https://github.com/advisories/GHSA-c9ph-gxww-7744", "reference_id": "GHSA-c9ph-gxww-7744", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c9ph-gxww-7744" }, { "reference_url": "https://github.com/thymeleaf/thymeleaf/security/advisories/GHSA-c9ph-gxww-7744", "reference_id": "GHSA-c9ph-gxww-7744", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-13T12:07:53Z/" } ], "url": "https://github.com/thymeleaf/thymeleaf/security/advisories/GHSA-c9ph-gxww-7744" } ], "weaknesses": [ { "cwe_id": 917, "name": "Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')", "description": "The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed." }, { "cwe_id": 1336, "name": "Improper Neutralization of Special Elements Used in a Template Engine", "description": "The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptk1-n6zn-9bbn" }