{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14385?format=json","vulnerability_id":"VCID-65c5-st4q-dff3","summary":"Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2.","aliases":[{"alias":"CVE-2022-1650"},{"alias":"GHSA-6h5x-7c5m-7cr7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932216?format=json","purl":"pkg:deb/debian/node-eventsource@1.0.7-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@1.0.7-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1057015?format=json","purl":"pkg:deb/debian/node-eventsource@1.0.7-1%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@1.0.7-1%252Bdeb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/932215?format=json","purl":"pkg:deb/debian/node-eventsource@2.0.2%2B~1.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@2.0.2%252B~1.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932214?format=json","purl":"pkg:deb/debian/node-eventsource@2.0.2%2B~1.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@2.0.2%252B~1.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932217?format=json","purl":"pkg:deb/debian/node-eventsource@2.0.2%2B~1.1.10-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@2.0.2%252B~1.1.10-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/50630?format=json","purl":"pkg:npm/eventsource@1.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/50631?format=json","purl":"pkg:npm/eventsource@2.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@2.0.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1057014?format=json","purl":"pkg:deb/debian/node-eventsource@0.2.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-eventsource@0.2.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/300227?format=json","purl":"pkg:npm/eventsource@0.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/300228?format=json","purl":"pkg:npm/eventsource@0.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/300229?format=json","purl":"pkg:npm/eventsource@0.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/300230?format=json","purl":"pkg:npm/eventsource@0.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/300231?format=json","purl":"pkg:npm/eventsource@0.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/300232?format=json","purl":"pkg:npm/eventsource@0.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/300233?format=json","purl":"pkg:npm/eventsource@0.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/300234?format=json","purl":"pkg:npm/eventsource@0.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/300235?format=json","purl":"pkg:npm/eventsource@0.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/300236?format=json","purl":"pkg:npm/eventsource@0.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/300237?format=json","purl":"pkg:npm/eventsource@0.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/300238?format=json","purl":"pkg:npm/eventsource@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/300239?format=json","purl":"pkg:npm/eventsource@0.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/300240?format=json","purl":"pkg:npm/eventsource@0.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/300241?format=json","purl":"pkg:npm/eventsource@0.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/300242?format=json","purl":"pkg:npm/eventsource@0.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/300243?format=json","purl":"pkg:npm/eventsource@0.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/300244?format=json","purl":"pkg:npm/eventsource@0.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/300245?format=json","purl":"pkg:npm/eventsource@0.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/300246?format=json","purl":"pkg:npm/eventsource@0.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/300247?format=json","purl":"pkg:npm/eventsource@0.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@0.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/300248?format=json","purl":"pkg:npm/eventsource@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/300249?format=json","purl":"pkg:npm/eventsource@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/300250?format=json","purl":"pkg:npm/eventsource@1.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/300251?format=json","purl":"pkg:npm/eventsource@1.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/300252?format=json","purl":"pkg:npm/eventsource@1.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/300253?format=json","purl":"pkg:npm/eventsource@1.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/300254?format=json","purl":"pkg:npm/eventsource@1.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/300255?format=json","purl":"pkg:npm/eventsource@1.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/300256?format=json","purl":"pkg:npm/eventsource@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/50628?format=json","purl":"pkg:npm/eventsource@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/300257?format=json","purl":"pkg:npm/eventsource@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/eventsource@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/98038?format=json","purl":"pkg:rpm/redhat/dotnet3.1@3.1.422-1?arch=el8_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"},{"vulnerability":"VCID-rz8f-jn6b-a7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet3.1@3.1.422-1%3Farch=el8_6"},{"url":"http://public2.vulnerablecode.io/api/packages/98778?format=json","purl":"pkg:rpm/redhat/dotnet6.0@6.0.107-1?arch=el8_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet6.0@6.0.107-1%3Farch=el8_6"},{"url":"http://public2.vulnerablecode.io/api/packages/98780?format=json","purl":"pkg:rpm/redhat/dotnet6.0@6.0.107-1?arch=el9_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet6.0@6.0.107-1%3Farch=el9_0"},{"url":"http://public2.vulnerablecode.io/api/packages/98037?format=json","purl":"pkg:rpm/redhat/rh-dotnet31-dotnet@3.1.422-1?arch=el7_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"},{"vulnerability":"VCID-rz8f-jn6b-a7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-dotnet31-dotnet@3.1.422-1%3Farch=el7_9"},{"url":"http://public2.vulnerablecode.io/api/packages/98779?format=json","purl":"pkg:rpm/redhat/rh-dotnet60-dotnet@6.0.107-1?arch=el7_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65c5-st4q-dff3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-dotnet60-dotnet@6.0.107-1%3Farch=el7_9"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1650.json","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1650","reference_id":"","reference_type":"","scores":[{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78498","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78475","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78442","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78446","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78447","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78419","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78426","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78418","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78386","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78402","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78365","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78371","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81469","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1650"},{"reference_url":"https://github.com/eventsource/eventsource","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eventsource/eventsource"},{"reference_url":"https://github.com/eventsource/eventsource/commit/10ee0c4881a6ba2fe65ec18ed195ac35889583c4","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eventsource/eventsource/commit/10ee0c4881a6ba2fe65ec18ed195ac35889583c4"},{"reference_url":"https://github.com/EventSource/eventsource/commit/f9f6416567bff62c1af2f4314be51d9870e94bc2","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EventSource/eventsource/commit/f9f6416567bff62c1af2f4314be51d9870e94bc2"},{"reference_url":"https://github.com/EventSource/eventsource/pull/273#issuecomment-1127624508","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EventSource/eventsource/pull/273#issuecomment-1127624508"},{"reference_url":"https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2085307","reference_id":"2085307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2085307"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1650","reference_id":"CVE-2022-1650","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1650"},{"reference_url":"https://github.com/advisories/GHSA-6h5x-7c5m-7cr7","reference_id":"GHSA-6h5x-7c5m-7cr7","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6h5x-7c5m-7cr7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5006","reference_id":"RHSA-2022:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5030","reference_id":"RHSA-2022:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6037","reference_id":"RHSA-2022:6037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6057","reference_id":"RHSA-2022:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6156","reference_id":"RHSA-2022:6156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6429","reference_id":"RHSA-2022:6429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3642","reference_id":"RHSA-2023:3642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3642"},{"reference_url":"https://usn.ubuntu.com/6082-1/","reference_id":"USN-6082-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6082-1/"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":212,"name":"Improper Removal of Sensitive Information Before Storage or Transfer","description":"The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."},{"cwe_id":359,"name":"Exposure of Private Personal Information to an Unauthorized Actor","description":"The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected."}],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-65c5-st4q-dff3"}