{"url":"http://public2.vulnerablecode.io/api/packages/102909?format=json","purl":"pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1?arch=el9eap","type":"rpm","namespace":"redhat","name":"eap8-apache-cxf-xjc-utils","version":"4.1.0-1.redhat_00001.1","qualifiers":{"arch":"el9eap"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57828?format=json","vulnerability_id":"VCID-36k9-5vt3-7yd6","summary":"Netty affected by MadeYouReset HTTP/2 DDoS vulnerability\nThe MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit - which results in resource exhaustion and distributed denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55163.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55163","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16929","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16806","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16887","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30839","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/grpc/grpc-java/commit/6462ef9a11980e168c21d90bbc7245c728fd1a7a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/grpc/grpc-java/commit/6462ef9a11980e168c21d90bbc7245c728fd1a7a"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/commit/be53dc3c9acd9af2e20d0c3c07cd77115a594cf1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/commit/be53dc3c9acd9af2e20d0c3c07cd77115a594cf1"},{"reference_url":"https://www.kb.cert.org/vuls/id/767506","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/767506"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/08/16/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/08/16/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111105","reference_id":"1111105","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111105"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388252","reference_id":"2388252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388252"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55163","reference_id":"CVE-2025-55163","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55163"},{"reference_url":"https://github.com/advisories/GHSA-prj3-ccx8-p6x4","reference_id":"GHSA-prj3-ccx8-p6x4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-prj3-ccx8-p6x4"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4","reference_id":"GHSA-prj3-ccx8-p6x4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:37:06Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14004","reference_id":"RHSA-2025:14004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14008","reference_id":"RHSA-2025:14008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14197","reference_id":"RHSA-2025:14197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14911","reference_id":"RHSA-2025:14911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14919","reference_id":"RHSA-2025:14919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15612","reference_id":"RHSA-2025:15612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15697","reference_id":"RHSA-2025:15697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16407","reference_id":"RHSA-2025:16407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17298","reference_id":"RHSA-2025:17298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17299","reference_id":"RHSA-2025:17299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17317","reference_id":"RHSA-2025:17317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17318","reference_id":"RHSA-2025:17318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17501","reference_id":"RHSA-2025:17501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18989","reference_id":"RHSA-2025:18989","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18989"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19094","reference_id":"RHSA-2025:19094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0742","reference_id":"RHSA-2026:0742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0742"}],"fixed_packages":[],"aliases":["CVE-2025-55163","GHSA-prj3-ccx8-p6x4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36k9-5vt3-7yd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57799?format=json","vulnerability_id":"VCID-48we-7j9n-eba8","summary":"Apache CXF: Untrusted JMS configuration can lead to RCE\nIf untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities.  This interface is now restricted to reject those protocols, removing this possibility.\n\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48913.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48913","reference_id":"","reference_type":"","scores":[{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63538","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63525","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63536","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63545","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48913"},{"reference_url":"https://github.com/apache/cxf","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/cxf"},{"reference_url":"https://github.com/apache/cxf/commit/24e50ffeca3132570c2f297c5c7dbd05a1bb1bfa","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/cxf/commit/24e50ffeca3132570c2f297c5c7dbd05a1bb1bfa"},{"reference_url":"https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:03:45Z/"}],"url":"https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/08/07/2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/08/07/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387221","reference_id":"2387221","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387221"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48913","reference_id":"CVE-2025-48913","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48913"},{"reference_url":"https://github.com/advisories/GHSA-g4px-6qhm-hqjm","reference_id":"GHSA-g4px-6qhm-hqjm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g4px-6qhm-hqjm"},{"reference_url":"https://github.com/mbhatt1/disclosures/security/advisories/GHSA-hv69-h8rg-7jg2","reference_id":"GHSA-hv69-h8rg-7jg2","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mbhatt1/disclosures/security/advisories/GHSA-hv69-h8rg-7jg2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17298","reference_id":"RHSA-2025:17298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17299","reference_id":"RHSA-2025:17299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17317","reference_id":"RHSA-2025:17317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17318","reference_id":"RHSA-2025:17318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17318"}],"fixed_packages":[],"aliases":["CVE-2025-48913","GHSA-g4px-6qhm-hqjm"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48we-7j9n-eba8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58065?format=json","vulnerability_id":"VCID-tdx9-auyq-sugr","summary":"Netty vulnerable to request smuggling due to incorrect parsing of chunk extensions\nA flaw in netty's parsing of chunk extensions in HTTP/1.1 messages with chunked encoding can lead to request smuggling issues with some reverse proxies.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58056","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2672","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26816","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26767","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26712","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58056"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"},{"reference_url":"https://github.com/github/advisory-database/pull/6092","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/pull/6092"},{"reference_url":"https://github.com/JLLeitschuh/unCVEed/issues/1","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/JLLeitschuh/unCVEed/issues/1"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"},{"reference_url":"https://github.com/netty/netty/issues/15522","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/issues/15522"},{"reference_url":"https://github.com/netty/netty/pull/15611","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/pull/15611"},{"reference_url":"https://w4ke.info/2025/06/18/funky-chunks.html","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://w4ke.info/2025/06/18/funky-chunks.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995","reference_id":"1113995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392996","reference_id":"2392996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392996"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58056","reference_id":"CVE-2025-58056","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58056"},{"reference_url":"https://github.com/advisories/GHSA-fghv-69vj-qj49","reference_id":"GHSA-fghv-69vj-qj49","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fghv-69vj-qj49"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49","reference_id":"GHSA-fghv-69vj-qj49","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17187","reference_id":"RHSA-2025:17187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17298","reference_id":"RHSA-2025:17298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17299","reference_id":"RHSA-2025:17299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17317","reference_id":"RHSA-2025:17317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17318","reference_id":"RHSA-2025:17318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17563","reference_id":"RHSA-2025:17563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17567","reference_id":"RHSA-2025:17567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18028","reference_id":"RHSA-2025:18028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18076","reference_id":"RHSA-2025:18076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21148","reference_id":"RHSA-2025:21148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3102","reference_id":"RHSA-2026:3102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3102"},{"reference_url":"https://usn.ubuntu.com/7918-1/","reference_id":"USN-7918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7918-1/"}],"fixed_packages":[],"aliases":["CVE-2025-58056","GHSA-fghv-69vj-qj49"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdx9-auyq-sugr"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1%3Farch=el9eap"}