{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16568?format=json","vulnerability_id":"VCID-jz3d-vvfb-jfbw","summary":"Undertow client not checking server identity presented by server certificate in https connections\nThe undertow client is not checking the server identity presented by the server certificate in https connections. This should be performed by default in https and in http/2.","aliases":[{"alias":"CVE-2022-4492"},{"alias":"GHSA-pfcc-3g6r-8rg8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941811?format=json","purl":"pkg:deb/debian/undertow@2.3.8-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.8-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941790?format=json","purl":"pkg:deb/debian/undertow@2.3.20-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/56062?format=json","purl":"pkg:maven/io.undertow/undertow-core@2.2.24.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-2cv5-9v62-kfbm"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-ns3p-22xg-q3bz"},{"vulnerability":"VCID-tc7q-5xss-nyfh"},{"vulnerability":"VCID-xme8-usmd-vqg3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.2.24.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/56061?format=json","purl":"pkg:maven/io.undertow/undertow-core@2.3.5.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-2cv5-9v62-kfbm"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-ns3p-22xg-q3bz"},{"vulnerability":"VCID-tc7q-5xss-nyfh"},{"vulnerability":"VCID-xme8-usmd-vqg3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.5.Final"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59957?format=json","purl":"pkg:maven/io.undertow/undertow-core@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4v1f-kt5y-w7d1"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-xftw-raz7-b7e1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/93738?format=json","purl":"pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-glassfish-el@3.0.1-4.b08_redhat_00005.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93741?format=json","purl":"pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.1.17-3.Final_redhat_00004.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93562?format=json","purl":"pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93569?format=json","purl":"pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93730?format=json","purl":"pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-3.SP1_redhat_00003.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93575?format=json","purl":"pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93581?format=json","purl":"pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93576?format=json","purl":"pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93571?format=json","purl":"pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93747?format=json","purl":"pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.12-1.Final_redhat_00002.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93563?format=json","purl":"pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93727?format=json","purl":"pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-2.Final_redhat_00003.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93570?format=json","purl":"pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93756?format=json","purl":"pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-16.SP14_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93567?format=json","purl":"pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96951?format=json","purl":"pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96952?format=json","purl":"pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96947?format=json","purl":"pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96954?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96953?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/96948?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-knw5-d2nn-vyhq"},{"vulnerability":"VCID-usz2-tufg-k7gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93722?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.11-4.GA_redhat_00002.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93560?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93720?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.1.14-1.Final_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93564?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vrj-chs2-d3ab"},{"vulnerability":"VCID-469b-j213-6ufk"},{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-7yc7-e35f-8uhj"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-93ut-2de3-ckc5"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-usz2-tufg-k7gz"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-xftw-raz7-b7e1"},{"vulnerability":"VCID-xyc4-63ra-mfh2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93718?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93746?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93731?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/93729?format=json","purl":"pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5585-a76n-zubf"},{"vulnerability":"VCID-62gn-nwup-8uat"},{"vulnerability":"VCID-6ssa-j1q1-c3cs"},{"vulnerability":"VCID-8p4t-8f51-h3dc"},{"vulnerability":"VCID-9p6a-t8zz-jkfd"},{"vulnerability":"VCID-9v3p-qkzz-ukgg"},{"vulnerability":"VCID-beaj-uk9m-17be"},{"vulnerability":"VCID-gkzd-prsr-gqc8"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-mapy-1mup-wfgx"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-vdv3-7dwp-suab"},{"vulnerability":"VCID-xyc4-63ra-mfh2"},{"vulnerability":"VCID-ysp6-t713-ffgr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.12-6.Final_redhat_00001.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/97152?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el9sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4e5q-x177-uyat"},{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-etyq-9yys-tkdf"},{"vulnerability":"VCID-fb8u-g65k-hffs"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-qruf-r6dc-3ugj"},{"vulnerability":"VCID-sqsn-ygsg-yfdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el9sso"},{"url":"http://public2.vulnerablecode.io/api/packages/97150?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4e5q-x177-uyat"},{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-etyq-9yys-tkdf"},{"vulnerability":"VCID-fb8u-g65k-hffs"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-qruf-r6dc-3ugj"},{"vulnerability":"VCID-sqsn-ygsg-yfdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el7sso"},{"url":"http://public2.vulnerablecode.io/api/packages/97151?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4e5q-x177-uyat"},{"vulnerability":"VCID-4s4f-emvn-9bhh"},{"vulnerability":"VCID-etyq-9yys-tkdf"},{"vulnerability":"VCID-fb8u-g65k-hffs"},{"vulnerability":"VCID-jz3d-vvfb-jfbw"},{"vulnerability":"VCID-qruf-r6dc-3ugj"},{"vulnerability":"VCID-sqsn-ygsg-yfdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1%3Farch=el8sso"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4492","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35789","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.3572","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35956","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.3624","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36256","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36213","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36237","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36251","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36201","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36333","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35809","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35742","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35811","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36366","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4492"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153260","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153260"},{"reference_url":"https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/impl/ClientCertAuthenticationMechanism.java"},{"reference_url":"https://github.com/undertow-io/undertow/pull/1447","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/undertow-io/undertow/pull/1447"},{"reference_url":"https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/undertow-io/undertow/pull/1447/commits/e5071e52b72529a14d3ec436ae7102cea5d918c4"},{"reference_url":"https://github.com/undertow-io/undertow/pull/1457","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/undertow-io/undertow/pull/1457"},{"reference_url":"https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/undertow-io/undertow/pull/1457/commits/a4d3b167126a803cc4f7fb740dd9a6ecabf59342"},{"reference_url":"https://issues.redhat.com/browse/MTA-93","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/MTA-93"},{"reference_url":"https://issues.redhat.com/browse/UNDERTOW-2212","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.redhat.com/browse/UNDERTOW-2212"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230324-0002","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230324-0002"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087","reference_id":"1032087","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032087"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-4492","reference_id":"CVE-2022-4492","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-4492"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4492","reference_id":"CVE-2022-4492","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4492"},{"reference_url":"https://github.com/advisories/GHSA-pfcc-3g6r-8rg8","reference_id":"GHSA-pfcc-3g6r-8rg8","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pfcc-3g6r-8rg8"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230324-0002/","reference_id":"ntap-20230324-0002","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:33:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230324-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2100","reference_id":"RHSA-2023:2100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2705","reference_id":"RHSA-2023:2705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2706","reference_id":"RHSA-2023:2706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2707","reference_id":"RHSA-2023:2707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2710","reference_id":"RHSA-2023:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2713","reference_id":"RHSA-2023:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3813","reference_id":"RHSA-2023:3813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4983","reference_id":"RHSA-2023:4983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4983"}],"weaknesses":[{"cwe_id":918,"name":"Server-Side Request Forgery (SSRF)","description":"The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":550,"name":"Server-generated Error Message Containing Sensitive Information","description":"Certain conditions, such as network failure, will cause a server error message to be displayed."}],"exploits":[],"severity_range_score":"7.5 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3d-vvfb-jfbw"}