{"url":"http://public2.vulnerablecode.io/api/packages/99704?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@15.0.6-1.redhat_00001.1?arch=el8sso","type":"rpm","namespace":"redhat","name":"rh-sso7-keycloak","version":"15.0.6-1.redhat_00001.1","qualifiers":{"arch":"el8sso"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11891?format=json","vulnerability_id":"VCID-sjuz-dd96-sqe3","summary":"Uncontrolled Recursion\nThis advisory has been marked as a false positive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45105.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45105","reference_id":"","reference_type":"","scores":[{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98697","published_at":"2026-04-24T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98706","published_at":"2026-05-09T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98704","published_at":"2026-05-05T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98699","published_at":"2026-04-26T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98693","published_at":"2026-04-21T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98692","published_at":"2026-04-18T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98691","published_at":"2026-04-16T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98688","published_at":"2026-04-13T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.70431","scoring_system":"epss","scoring_elements":"0.98685","published_at":"2026-04-09T12:55:00Z"},{"value":"0.71364","scoring_system":"epss","scoring_elements":"0.98717","published_at":"2026-04-08T12:55:00Z"},{"value":"0.71364","scoring_system":"epss","scoring_elements":"0.98716","published_at":"2026-04-07T12:55:00Z"},{"value":"0.71364","scoring_system":"epss","scoring_elements":"0.98713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.71364","scoring_system":"epss","scoring_elements":"0.98709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.71364","scoring_system":"epss","scoring_elements":"0.98708","published_at":"2026-04-01T12:55:00Z"},{"value":"0.74536","scoring_system":"epss","scoring_elements":"0.98873","published_at":"2026-05-12T12:55:00Z"},{"value":"0.74536","scoring_system":"epss","scoring_elements":"0.98872","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45105"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/"},{"reference_url":"https://logging.apache.org/log4j/2.x/security.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://logging.apache.org/log4j/2.x/security.html"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211218-0001","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20211218-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211218-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20211218-0001/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"},{"reference_url":"https://www.debian.org/security/2021/dsa-5024","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-5024"},{"reference_url":"https://www.kb.cert.org/vuls/id/930724","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/930724"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1541","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1541"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1541/","reference_id":"","reference_type":"","scores":[],"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1541/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/12/19/1","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/12/19/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001891","reference_id":"1001891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034067","reference_id":"2034067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034067"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45105","reference_id":"CVE-2021-45105","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45105"},{"reference_url":"https://github.com/advisories/GHSA-p6xc-xr62-6r2g","reference_id":"GHSA-p6xc-xr62-6r2g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6xc-xr62-6r2g"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0026","reference_id":"RHSA-2022:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0042","reference_id":"RHSA-2022:0042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0043","reference_id":"RHSA-2022:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0044","reference_id":"RHSA-2022:0044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0047","reference_id":"RHSA-2022:0047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0083","reference_id":"RHSA-2022:0083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0203","reference_id":"RHSA-2022:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0205","reference_id":"RHSA-2022:0205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0216","reference_id":"RHSA-2022:0216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0219","reference_id":"RHSA-2022:0219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0222","reference_id":"RHSA-2022:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0223","reference_id":"RHSA-2022:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1296","reference_id":"RHSA-2022:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1297","reference_id":"RHSA-2022:1297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1299","reference_id":"RHSA-2022:1299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1462","reference_id":"RHSA-2022:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1463","reference_id":"RHSA-2022:1463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1469","reference_id":"RHSA-2022:1469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1469"},{"reference_url":"https://usn.ubuntu.com/5203-1/","reference_id":"USN-5203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5203-1/"},{"reference_url":"https://usn.ubuntu.com/5222-1/","reference_id":"USN-5222-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5222-1/"}],"fixed_packages":[],"aliases":["CVE-2021-45105","GHSA-p6xc-xr62-6r2g"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sjuz-dd96-sqe3"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.6-1.redhat_00001.1%3Farch=el8sso"}