{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19568?format=json","vulnerability_id":"VCID-mssa-dgz3-w7fh","summary":"Uncontrolled resource consumption in braces\nThe NPM package `braces` fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.","aliases":[{"alias":"CVE-2024-4068"},{"alias":"GHSA-grv7-fg5c-xmjg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932119?format=json","purl":"pkg:deb/debian/node-braces@3.0.3%2B~3.0.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.3%252B~3.0.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/995021?format=json","purl":"pkg:deb/debian/node-braces@3.0.3%2B~3.0.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.3%252B~3.0.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/932118?format=json","purl":"pkg:deb/debian/node-braces@3.0.3%2B~3.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.3%252B~3.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/60734?format=json","purl":"pkg:npm/braces@3.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@3.0.3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995019?format=json","purl":"pkg:deb/debian/node-braces@3.0.2%2B~3.0.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.2%252B~3.0.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/932117?format=json","purl":"pkg:deb/debian/node-braces@3.0.2%2B~3.0.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.2%252B~3.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932115?format=json","purl":"pkg:deb/debian/node-braces@3.0.2%2B~3.0.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.2%252B~3.0.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/995020?format=json","purl":"pkg:deb/debian/node-braces@3.0.2%2B~3.0.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-braces@3.0.2%252B~3.0.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/183071?format=json","purl":"pkg:npm/braces@0.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@0.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183072?format=json","purl":"pkg:npm/braces@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/183073?format=json","purl":"pkg:npm/braces@0.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@0.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/183074?format=json","purl":"pkg:npm/braces@0.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@0.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/183075?format=json","purl":"pkg:npm/braces@0.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@0.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/183076?format=json","purl":"pkg:npm/braces@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183077?format=json","purl":"pkg:npm/braces@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183078?format=json","purl":"pkg:npm/braces@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183079?format=json","purl":"pkg:npm/braces@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183080?format=json","purl":"pkg:npm/braces@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183081?format=json","purl":"pkg:npm/braces@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183082?format=json","purl":"pkg:npm/braces@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/183083?format=json","purl":"pkg:npm/braces@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183084?format=json","purl":"pkg:npm/braces@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183085?format=json","purl":"pkg:npm/braces@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183086?format=json","purl":"pkg:npm/braces@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/183087?format=json","purl":"pkg:npm/braces@1.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/183088?format=json","purl":"pkg:npm/braces@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/183089?format=json","purl":"pkg:npm/braces@1.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/183090?format=json","purl":"pkg:npm/braces@1.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@1.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/183091?format=json","purl":"pkg:npm/braces@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183092?format=json","purl":"pkg:npm/braces@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/183093?format=json","purl":"pkg:npm/braces@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/183094?format=json","purl":"pkg:npm/braces@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/183095?format=json","purl":"pkg:npm/braces@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/183096?format=json","purl":"pkg:npm/braces@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183097?format=json","purl":"pkg:npm/braces@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/43179?format=json","purl":"pkg:npm/braces@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"},{"vulnerability":"VCID-zfmv-3d1v-qye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/183098?format=json","purl":"pkg:npm/braces@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"},{"vulnerability":"VCID-zfmv-3d1v-qye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/183099?format=json","purl":"pkg:npm/braces@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"},{"vulnerability":"VCID-zfmv-3d1v-qye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/183100?format=json","purl":"pkg:npm/braces@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2386-f4qn-sbfx"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-ynup-8rhy-fbdz"},{"vulnerability":"VCID-zfmv-3d1v-qye6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/34908?format=json","purl":"pkg:npm/braces@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/683933?format=json","purl":"pkg:npm/braces@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@2.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/683934?format=json","purl":"pkg:npm/braces@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/683935?format=json","purl":"pkg:npm/braces@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/683936?format=json","purl":"pkg:npm/braces@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mssa-dgz3-w7fh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/braces@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/93387?format=json","purl":"pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93381?format=json","purl":"pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93375?format=json","purl":"pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93385?format=json","purl":"pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93363?format=json","purl":"pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93372?format=json","purl":"pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93365?format=json","purl":"pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93370?format=json","purl":"pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93392?format=json","purl":"pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93359?format=json","purl":"pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93384?format=json","purl":"pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93389?format=json","purl":"pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93357?format=json","purl":"pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93380?format=json","purl":"pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93368?format=json","purl":"pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93388?format=json","purl":"pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93376?format=json","purl":"pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93360?format=json","purl":"pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93377?format=json","purl":"pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93373?format=json","purl":"pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93386?format=json","purl":"pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93374?format=json","purl":"pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93358?format=json","purl":"pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93382?format=json","purl":"pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93367?format=json","purl":"pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93390?format=json","purl":"pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93362?format=json","purl":"pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93379?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93366?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93371?format=json","purl":"pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93361?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93391?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93383?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93378?format=json","purl":"pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1?arch=el9eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1%3Farch=el9eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93364?format=json","purl":"pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/93369?format=json","purl":"pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7rfx-9car-wkcs"},{"vulnerability":"VCID-ftf5-r1db-9qfq"},{"vulnerability":"VCID-mssa-dgz3-w7fh"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1%3Farch=el7eap"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4068.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4068","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42164","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42247","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42252","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42318","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45017","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.44951","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45078","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45004","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.44977","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45035","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45226","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45242","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45248","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45196","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4068"},{"reference_url":"https://devhub.checkmarx.com/cve-details/CVE-2024-4068","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://devhub.checkmarx.com/cve-details/CVE-2024-4068"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/micromatch/braces","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/micromatch/braces"},{"reference_url":"https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"},{"reference_url":"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T11:10:08Z/"}],"url":"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"},{"reference_url":"https://github.com/micromatch/braces/issues/35","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T11:10:08Z/"}],"url":"https://github.com/micromatch/braces/issues/35"},{"reference_url":"https://github.com/micromatch/braces/pull/37","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T11:10:08Z/"}],"url":"https://github.com/micromatch/braces/pull/37"},{"reference_url":"https://github.com/micromatch/braces/pull/40","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T11:10:08Z/"}],"url":"https://github.com/micromatch/braces/pull/40"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4068","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4068"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071632","reference_id":"1071632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280600","reference_id":"2280600","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280600"},{"reference_url":"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/","reference_id":"CVE-2024-4068","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T11:10:08Z/"}],"url":"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"},{"reference_url":"https://github.com/advisories/GHSA-grv7-fg5c-xmjg","reference_id":"GHSA-grv7-fg5c-xmjg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-grv7-fg5c-xmjg"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4464","reference_id":"RHSA-2024:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6211","reference_id":"RHSA-2024:6211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6211"}],"weaknesses":[{"cwe_id":1050,"name":"Excessive Platform Resource Consumption within a Loop","description":"The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors."},{"cwe_id":400,"name":"Uncontrolled Resource Consumption","description":"The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mssa-dgz3-w7fh"}