Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/13176?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13176?format=api", "vulnerability_id": "VCID-zh9y-6uac-53c6", "summary": "Improper Restriction of XML External Entity Reference in Liquibase\nThe XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", "aliases": [ { "alias": "CVE-2022-0839" }, { "alias": "GHSA-jvfv-hrrc-6q72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/47222?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.8.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/288206?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288207?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288208?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288209?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288210?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288211?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288212?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288213?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288214?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288215?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288216?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288217?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288218?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288219?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@1.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288220?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0-rc3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288221?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0-rc4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288222?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0-rc5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288223?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0-rc6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc6" }, { "url": "http://public2.vulnerablecode.io/api/packages/288224?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0-rc7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc7" }, { "url": "http://public2.vulnerablecode.io/api/packages/288225?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288226?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288227?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288228?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288229?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288230?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288231?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.0-rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0-rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288232?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0-rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288233?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288234?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288235?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288236?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288237?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288238?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288239?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/288240?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/288241?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/288242?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288243?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288244?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288245?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288246?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288247?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288248?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288249?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288250?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288251?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288252?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288253?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288254?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288255?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288256?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288257?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288258?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288259?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288260?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288261?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288262?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.5.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288263?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288264?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288265?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288266?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288267?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288268?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288269?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288270?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288271?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288272?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288273?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288274?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/288275?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/288276?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/288277?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/288278?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288279?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288280?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288281?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288282?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@3.10.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288283?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.0.0-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288284?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.0.0-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0-beta2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288285?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288286?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288287?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288288?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288289?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288290?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288291?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288292?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288293?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288294?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288295?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/288296?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/288297?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288298?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288299?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288300?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/288301?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288302?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288303?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/288304?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/288305?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/288306?format=api", "purl": "pkg:maven/org.liquibase/liquibase-core@4.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/99630?format=api", "purl": "pkg:rpm/redhat/rh-sso7@1-4?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-4%3Farch=el7sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/99634?format=api", "purl": "pkg:rpm/redhat/rh-sso7@1-4?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-4%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/99633?format=api", "purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g8t-qjp5-ebc7" }, { "vulnerability": "VCID-85y2-ejk7-qud9" }, { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-tzmu-y1p4-8bac" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/99635?format=api", "purl": "pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.6?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.6%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/99632?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1?arch=el8sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1%3Farch=el8sso" }, { "url": "http://public2.vulnerablecode.io/api/packages/99631?format=api", "purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1?arch=el7sso", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-em5z-nvqy-fucp" }, { "vulnerability": "VCID-zh9y-6uac-53c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1%3Farch=el7sso" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27493", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27672", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27773", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27849", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27777", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2789", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42242", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42138", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42213", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42228", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42144", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42173", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0839" }, { "reference_url": "http://seclists.org/fulldisclosure/2025/Apr/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2025/Apr/14" }, { "reference_url": "https://github.com/liquibase/liquibase", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/liquibase/liquibase" }, { "reference_url": "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381" }, { "reference_url": "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081484", "reference_id": "2081484", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081484" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0839", "reference_id": "CVE-2022-0839", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0839" }, { "reference_url": "https://github.com/advisories/GHSA-jvfv-hrrc-6q72", "reference_id": "GHSA-jvfv-hrrc-6q72", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jvfv-hrrc-6q72" } ], "weaknesses": [ { "cwe_id": 611, "name": "Improper Restriction of XML External Entity Reference", "description": "The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.3 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9y-6uac-53c6" }