{"url":"http://public2.vulnerablecode.io/api/packages/112016?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs?arch=el7","type":"rpm","namespace":"redhat","name":"jbcs-httpd24-httpd","version":"2.4.23-122.jbcs","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3759?format=json","vulnerability_id":"VCID-3wuk-hwg1-6fa6","summary":"A design error in the \"ap_some_auth_required\" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to modules using this API to allow access when they should otherwise not do so. API users should use the new ap_some_authn_required API added in 2.4.16 instead.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3185","reference_id":"","reference_type":"","scores":[{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92802","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92814","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92821","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92825","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.9284","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92845","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92852","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92854","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92858","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243888","reference_id":"1243888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243888"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-3185.json","reference_id":"CVE-2015-3185","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-3185.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1667","reference_id":"RHSA-2015:1667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://usn.ubuntu.com/2686-1/","reference_id":"USN-2686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2686-1/"}],"fixed_packages":[],"aliases":["CVE-2015-3185"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wuk-hwg1-6fa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3773?format=json","vulnerability_id":"VCID-jt89-ruvk-1kbj","summary":"The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788","reference_id":"","reference_type":"","scores":[{"value":"0.47063","scoring_system":"epss","scoring_elements":"0.97699","published_at":"2026-05-05T12:55:00Z"},{"value":"0.47063","scoring_system":"epss","scoring_elements":"0.97695","published_at":"2026-04-29T12:55:00Z"},{"value":"0.50243","scoring_system":"epss","scoring_elements":"0.97843","published_at":"2026-04-26T12:55:00Z"},{"value":"0.50243","scoring_system":"epss","scoring_elements":"0.97842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97941","published_at":"2026-04-11T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97942","published_at":"2026-04-12T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.9795","published_at":"2026-04-21T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97951","published_at":"2026-04-18T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97921","published_at":"2026-04-01T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97924","published_at":"2026-04-02T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97929","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748","reference_id":"1470748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467","reference_id":"868467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467"},{"reference_url":"https://security.archlinux.org/ASA-201707-15","reference_id":"ASA-201707-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-15"},{"reference_url":"https://security.archlinux.org/AVG-350","reference_id":"AVG-350","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-350"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9788.json","reference_id":"CVE-2017-9788","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9788.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://usn.ubuntu.com/3370-1/","reference_id":"USN-3370-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-1/"},{"reference_url":"https://usn.ubuntu.com/3370-2/","reference_id":"USN-3370-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-2/"}],"fixed_packages":[],"aliases":["CVE-2017-9788"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37005?format=json","vulnerability_id":"VCID-x54g-mhs4-mug4","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites, the worst of which may allow execution of arbitrary code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2183.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2183","reference_id":"","reference_type":"","scores":[{"value":"0.37753","scoring_system":"epss","scoring_elements":"0.97224","published_at":"2026-05-05T12:55:00Z"},{"value":"0.37753","scoring_system":"epss","scoring_elements":"0.97219","published_at":"2026-04-29T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-13T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97386","published_at":"2026-04-16T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97389","published_at":"2026-04-18T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97362","published_at":"2026-04-02T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97367","published_at":"2026-04-07T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.40993","scoring_system":"epss","scoring_elements":"0.97377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.41582","scoring_system":"epss","scoring_elements":"0.97426","published_at":"2026-04-26T12:55:00Z"},{"value":"0.41582","scoring_system":"epss","scoring_elements":"0.97424","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369383","reference_id":"1369383","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369383"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"},{"reference_url":"https://security.gentoo.org/glsa/201612-16","reference_id":"GLSA-201612-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-16"},{"reference_url":"https://security.gentoo.org/glsa/201701-65","reference_id":"GLSA-201701-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-65"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1940","reference_id":"RHSA-2016:1940","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0336","reference_id":"RHSA-2017:0336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0337","reference_id":"RHSA-2017:0337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0338","reference_id":"RHSA-2017:0338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0462","reference_id":"RHSA-2017:0462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1216","reference_id":"RHSA-2017:1216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2123","reference_id":"RHSA-2018:2123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1245","reference_id":"RHSA-2019:1245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2859","reference_id":"RHSA-2019:2859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0451","reference_id":"RHSA-2020:0451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3842","reference_id":"RHSA-2020:3842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0308","reference_id":"RHSA-2021:0308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2438","reference_id":"RHSA-2021:2438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2438"},{"reference_url":"https://usn.ubuntu.com/3087-1/","reference_id":"USN-3087-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3087-1/"},{"reference_url":"https://usn.ubuntu.com/3179-1/","reference_id":"USN-3179-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3179-1/"},{"reference_url":"https://usn.ubuntu.com/3194-1/","reference_id":"USN-3194-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3194-1/"},{"reference_url":"https://usn.ubuntu.com/3198-1/","reference_id":"USN-3198-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3198-1/"},{"reference_url":"https://usn.ubuntu.com/3270-1/","reference_id":"USN-3270-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3270-1/"},{"reference_url":"https://usn.ubuntu.com/3372-1/","reference_id":"USN-3372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3372-1/"}],"fixed_packages":[],"aliases":["CVE-2016-2183"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x54g-mhs4-mug4"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs%3Farch=el7"}