{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11944?format=json","vulnerability_id":"VCID-r67p-yqg2-9bbq","summary":"Improper Input Validation and Injection in Apache Log4j2\nApache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.","aliases":[{"alias":"CVE-2021-44832"},{"alias":"GHSA-8489-44mv-ggj8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583999?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1054116?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/586066?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584000?format=json","purl":"pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.19.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42879?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/42880?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.4"},{"url":"http://public2.vulnerablecode.io/api/packages/42881?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"},{"url":"http://public2.vulnerablecode.io/api/packages/42077?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gnhu-4afv-pfhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/42590?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gnhu-4afv-pfhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.9"},{"url":"http://public2.vulnerablecode.io/api/packages/42972?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.13"},{"url":"http://public2.vulnerablecode.io/api/packages/42974?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.14"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038193?format=json","purl":"pkg:deb/debian/apache-log4j2@2.0~beta9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.0~beta9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1038194?format=json","purl":"pkg:deb/debian/apache-log4j2@2.7-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.7-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1038195?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/42876?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-khr7-6pza-afab"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7"},{"url":"http://public2.vulnerablecode.io/api/packages/205213?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-khr7-6pza-afab"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8"},{"url":"http://public2.vulnerablecode.io/api/packages/67065?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-khr7-6pza-afab"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9"},{"url":"http://public2.vulnerablecode.io/api/packages/205214?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-khr7-6pza-afab"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/205215?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-khr7-6pza-afab"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/56413?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/198543?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/198544?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/198545?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/198546?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/198547?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/42059?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/42877?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/198548?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/198549?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/198550?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/198551?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/198552?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/198553?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/198554?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/198555?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74dr-6hxt-tbgu"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73011?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/205216?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/205217?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/205218?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/205219?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/205220?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/205221?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/205222?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/205223?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/42060?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/42585?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3"},{"url":"http://public2.vulnerablecode.io/api/packages/42878?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/205224?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-mz9r-j78c-dfe3"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/73345?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2"},{"url":"http://public2.vulnerablecode.io/api/packages/275967?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3"},{"url":"http://public2.vulnerablecode.io/api/packages/275968?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/275969?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/42058?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/42269?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/42586?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nzu-3a6y-jqab"},{"vulnerability":"VCID-gcyx-fdns-k3bt"},{"vulnerability":"VCID-hhc8-3wd3-4bh5"},{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/42072?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/274202?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/274203?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/274204?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/274205?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/274206?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/274207?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/274208?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/274209?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/274210?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/42073?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/274211?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/274212?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/274213?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/274214?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4"},{"url":"http://public2.vulnerablecode.io/api/packages/274215?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5"},{"url":"http://public2.vulnerablecode.io/api/packages/274216?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6"},{"url":"http://public2.vulnerablecode.io/api/packages/274217?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7"},{"url":"http://public2.vulnerablecode.io/api/packages/42078?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/42074?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/274218?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/274219?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/274220?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3"},{"url":"http://public2.vulnerablecode.io/api/packages/274221?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4"},{"url":"http://public2.vulnerablecode.io/api/packages/274222?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5"},{"url":"http://public2.vulnerablecode.io/api/packages/274223?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6"},{"url":"http://public2.vulnerablecode.io/api/packages/274224?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7"},{"url":"http://public2.vulnerablecode.io/api/packages/274225?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8"},{"url":"http://public2.vulnerablecode.io/api/packages/274226?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9"},{"url":"http://public2.vulnerablecode.io/api/packages/42079?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10"},{"url":"http://public2.vulnerablecode.io/api/packages/42299?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11"},{"url":"http://public2.vulnerablecode.io/api/packages/42591?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.12"},{"url":"http://public2.vulnerablecode.io/api/packages/42076?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/274227?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/274228?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/274229?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/274230?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/274231?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/274232?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/274233?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/274234?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/274235?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/274236?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-gnhu-4afv-pfhy"},{"vulnerability":"VCID-jwav-88m7-6fhz"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/42080?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/42300?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/42592?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r67p-yqg2-9bbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/99531?format=json","purl":"pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vfk-arae-ubha"},{"vulnerability":"VCID-698m-2hju-2qcv"},{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-9k99-jzq8-fyge"},{"vulnerability":"VCID-bbq3-tx7c-yucn"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/99613?format=json","purl":"pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vfk-arae-ubha"},{"vulnerability":"VCID-698m-2hju-2qcv"},{"vulnerability":"VCID-8977-tjss-w7ba"},{"vulnerability":"VCID-9k99-jzq8-fyge"},{"vulnerability":"VCID-bbq3-tx7c-yucn"},{"vulnerability":"VCID-r67p-yqg2-9bbq"},{"vulnerability":"VCID-sjuz-dd96-sqe3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el7eap"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44832.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44832","reference_id":"","reference_type":"","scores":[{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.97871","published_at":"2026-05-15T12:55:00Z"},{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.97868","published_at":"2026-05-14T12:55:00Z"},{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.97863","published_at":"2026-05-12T12:55:00Z"},{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.9786","published_at":"2026-05-11T12:55:00Z"},{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.97858","published_at":"2026-05-07T12:55:00Z"},{"value":"0.50443","scoring_system":"epss","scoring_elements":"0.97859","published_at":"2026-05-05T12:55:00Z"},{"value":"0.50589","scoring_system":"epss","scoring_elements":"0.9785","published_at":"2026-04-13T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97987","published_at":"2026-04-08T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.98003","published_at":"2026-04-29T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97999","published_at":"2026-04-26T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.98001","published_at":"2026-04-18T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.98","published_at":"2026-04-16T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97991","published_at":"2026-04-11T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97989","published_at":"2026-04-09T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97979","published_at":"2026-04-02T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97981","published_at":"2026-04-04T12:55:00Z"},{"value":"0.53648","scoring_system":"epss","scoring_elements":"0.97982","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44832"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/logging-log4j2","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/logging-log4j2"},{"reference_url":"https://issues.apache.org/jira/browse/LOG4J2-3293","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/jira/browse/LOG4J2-3293"},{"reference_url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220104-0001","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220104-0001"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/12/28/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/12/28/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002813","reference_id":"1002813","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002813"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035951","reference_id":"2035951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035951"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832","reference_id":"CVE-2021-44832","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832"},{"reference_url":"https://github.com/advisories/GHSA-8489-44mv-ggj8","reference_id":"GHSA-8489-44mv-ggj8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8489-44mv-ggj8"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0083","reference_id":"RHSA-2022:0083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0138","reference_id":"RHSA-2022:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0181","reference_id":"RHSA-2022:0181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0203","reference_id":"RHSA-2022:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0205","reference_id":"RHSA-2022:0205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0216","reference_id":"RHSA-2022:0216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0222","reference_id":"RHSA-2022:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0223","reference_id":"RHSA-2022:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0225","reference_id":"RHSA-2022:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0226","reference_id":"RHSA-2022:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0227","reference_id":"RHSA-2022:0227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0230","reference_id":"RHSA-2022:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0236","reference_id":"RHSA-2022:0236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0467","reference_id":"RHSA-2022:0467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0485","reference_id":"RHSA-2022:0485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0493","reference_id":"RHSA-2022:0493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1296","reference_id":"RHSA-2022:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1297","reference_id":"RHSA-2022:1297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1299","reference_id":"RHSA-2022:1299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1299"},{"reference_url":"https://usn.ubuntu.com/5222-1/","reference_id":"USN-5222-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5222-1/"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":74,"name":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","description":"The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":78,"name":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","description":"The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r67p-yqg2-9bbq"}