{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13176?format=json","vulnerability_id":"VCID-zh9y-6uac-53c6","summary":"Improper Restriction of XML External Entity Reference in Liquibase\nThe XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.","aliases":[{"alias":"CVE-2022-0839"},{"alias":"GHSA-jvfv-hrrc-6q72"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47222?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.8.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/288206?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288207?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288208?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288209?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288210?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288211?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288212?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288213?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288214?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288215?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288216?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288217?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288218?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288219?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@1.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@1.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288220?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0-rc3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc3"},{"url":"http://public2.vulnerablecode.io/api/packages/288221?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0-rc4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc4"},{"url":"http://public2.vulnerablecode.io/api/packages/288222?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0-rc5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc5"},{"url":"http://public2.vulnerablecode.io/api/packages/288223?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0-rc6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc6"},{"url":"http://public2.vulnerablecode.io/api/packages/288224?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0-rc7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0-rc7"},{"url":"http://public2.vulnerablecode.io/api/packages/288225?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288226?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288227?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288228?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288229?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288230?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288231?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/288232?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.0-rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0-rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/288233?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288234?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288235?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288236?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288237?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288238?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288239?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/288240?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/288241?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/288242?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288243?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288244?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288245?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288246?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288247?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288248?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288249?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288250?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288251?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288252?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288253?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288254?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288255?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288256?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288257?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288258?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288259?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288260?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288261?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288262?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288263?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288264?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288265?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288266?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288267?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288268?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288269?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288270?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288271?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288272?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288273?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288274?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/288275?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/288276?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/288277?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/288278?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288279?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288280?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288281?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288282?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@3.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@3.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288283?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.0.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/288284?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.0.0-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0-beta2"},{"url":"http://public2.vulnerablecode.io/api/packages/288285?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288286?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288287?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288288?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288289?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288290?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288291?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288292?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288293?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288294?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288295?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/288296?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/288297?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288298?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288299?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288300?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/288301?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288302?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288303?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/288304?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/288305?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/288306?format=json","purl":"pkg:maven/org.liquibase/liquibase-core@4.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.liquibase/liquibase-core@4.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/99630?format=json","purl":"pkg:rpm/redhat/rh-sso7@1-4?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-4%3Farch=el7sso"},{"url":"http://public2.vulnerablecode.io/api/packages/99634?format=json","purl":"pkg:rpm/redhat/rh-sso7@1-4?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-4%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/99633?format=json","purl":"pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2g8t-qjp5-ebc7"},{"vulnerability":"VCID-85y2-ejk7-qud9"},{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-tzmu-y1p4-8bac"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.3.jbcs%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/99635?format=json","purl":"pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.6?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@3.4.1-5.15.6%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/99632?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/99631?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-em5z-nvqy-fucp"},{"vulnerability":"VCID-zh9y-6uac-53c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.0-2.redhat_00001.1%3Farch=el7sso"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0839.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0839","reference_id":"","reference_type":"","scores":[{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27564","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27672","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.2773","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27773","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27849","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27777","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.2789","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27945","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42279","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42138","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42213","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42228","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42144","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42173","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42242","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42254","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0839"},{"reference_url":"http://seclists.org/fulldisclosure/2025/Apr/14","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2025/Apr/14"},{"reference_url":"https://github.com/liquibase/liquibase","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liquibase/liquibase"},{"reference_url":"https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381"},{"reference_url":"https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2081484","reference_id":"2081484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2081484"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0839","reference_id":"CVE-2022-0839","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0839"},{"reference_url":"https://github.com/advisories/GHSA-jvfv-hrrc-6q72","reference_id":"GHSA-jvfv-hrrc-6q72","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jvfv-hrrc-6q72"}],"weaknesses":[{"cwe_id":611,"name":"Improper Restriction of XML External Entity Reference","description":"The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.3 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9y-6uac-53c6"}