{"url":"http://public2.vulnerablecode.io/api/packages/525836?format=json","purl":"pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.2.0","type":"maven","namespace":"com.amazonaws","name":"aws-iot-device-sdk-java","version":"1.2.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.4.2","latest_non_vulnerable_version":"1.5.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206684?format=json","vulnerability_id":"VCID-45fj-a7yk-s3br","summary":"Improper certificate management in AWS IoT Device SDK v2","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40831","reference_id":"","reference_type":"","scores":[{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51509","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40831"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/46375e9b1bfb34109b9ff3b1eff9c770f9daa186","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/46375e9b1bfb34109b9ff3b1eff9c770f9daa186"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/22f1989f5bdb0bdd9c912a5a2d255ee6c0854f68","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/22f1989f5bdb0bdd9c912a5a2d255ee6c0854f68"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/5aef82573202309063eb540b72cee0e565f85a2d","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/5aef82573202309063eb540b72cee0e565f85a2d"},{"reference_url":"https://github.com/awslabs/aws-c-io","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/awslabs/aws-c-io"},{"reference_url":"https://github.com/awslabs/aws-c-io/","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/awslabs/aws-c-io/"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-864.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-864.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40831","reference_id":"CVE-2021-40831","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40831"},{"reference_url":"https://github.com/advisories/GHSA-j3f7-7rmc-6wqj","reference_id":"GHSA-j3f7-7rmc-6wqj","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3f7-7rmc-6wqj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391933?format=json","purl":"pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.5.0"}],"aliases":["CVE-2021-40831","GHSA-j3f7-7rmc-6wqj","PYSEC-2021-864"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45fj-a7yk-s3br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206697?format=json","vulnerability_id":"VCID-bpb2-ryh1-37dw","summary":"Improper certificate management in AWS IoT Device SDK v2","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40829","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27493","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40829"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commits/v1.4.2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commits/v1.4.2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2"},{"reference_url":"https://github.com/awslabs/aws-c-io","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/awslabs/aws-c-io"},{"reference_url":"https://github.com/awslabs/aws-c-io/","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/awslabs/aws-c-io/"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-862.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-862.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40829","reference_id":"CVE-2021-40829","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40829"},{"reference_url":"https://github.com/advisories/GHSA-743r-5g92-5vgf","reference_id":"GHSA-743r-5g92-5vgf","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-743r-5g92-5vgf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391932?format=json","purl":"pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.4.2"}],"aliases":["CVE-2021-40829","GHSA-743r-5g92-5vgf","PYSEC-2021-862"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpb2-ryh1-37dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206693?format=json","vulnerability_id":"VCID-n19n-umqd-rqaj","summary":"Improper certificate management in AWS IoT Device SDK v2","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40828","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27493","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40828"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/67950ad2a02f2f9355c310b69dc9226b017f32f2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/67950ad2a02f2f9355c310b69dc9226b017f32f2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/4be41394f1aee979e6f4b012fcb01eecabd0c08d","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/4be41394f1aee979e6f4b012fcb01eecabd0c08d"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/fd4c0ba04b35eab9e20c635af5548fcc5a92d8be","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/fd4c0ba04b35eab9e20c635af5548fcc5a92d8be"},{"reference_url":"https://github.com/awslabs/aws-c-io","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/awslabs/aws-c-io"},{"reference_url":"https://github.com/awslabs/aws-c-io/","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/awslabs/aws-c-io/"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-861.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-861.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40828","reference_id":"CVE-2021-40828","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40828"},{"reference_url":"https://github.com/advisories/GHSA-94jq-q5v2-76wj","reference_id":"GHSA-94jq-q5v2-76wj","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-94jq-q5v2-76wj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391931?format=json","purl":"pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-45fj-a7yk-s3br"},{"vulnerability":"VCID-bpb2-ryh1-37dw"},{"vulnerability":"VCID-tknc-vbsf-6ffx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.3.3"}],"aliases":["CVE-2021-40828","GHSA-94jq-q5v2-76wj","PYSEC-2021-861"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n19n-umqd-rqaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206702?format=json","vulnerability_id":"VCID-tknc-vbsf-6ffx","summary":"Improper certificate management in AWS IoT Device SDK v2","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40830","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27657","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40830"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-cpp-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/67950ad2a02f2f9355c310b69dc9226b017f32f2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-java-v2/commit/67950ad2a02f2f9355c310b69dc9226b017f32f2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/53a36e3ac203291494120604d416b6de59177cac","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-js-v2/commit/53a36e3ac203291494120604d416b6de59177cac"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2"},{"reference_url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/0450ce68add7e3d05c6d781ecdac953c299c053a","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/aws/aws-iot-device-sdk-python-v2/commit/0450ce68add7e3d05c6d781ecdac953c299c053a"},{"reference_url":"https://github.com/awslabs/aws-c-io","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/awslabs/aws-c-io"},{"reference_url":"https://github.com/awslabs/aws-c-io/","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/awslabs/aws-c-io/"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-863.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-863.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40830","reference_id":"CVE-2021-40830","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-40830"},{"reference_url":"https://github.com/advisories/GHSA-c4rh-4376-gff4","reference_id":"GHSA-c4rh-4376-gff4","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c4rh-4376-gff4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391933?format=json","purl":"pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.5.0"}],"aliases":["CVE-2021-40830","GHSA-c4rh-4376-gff4","PYSEC-2021-863"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tknc-vbsf-6ffx"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.amazonaws/aws-iot-device-sdk-java@1.2.0"}