Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/20632?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20632?format=api", "vulnerability_id": "VCID-kk1t-t63f-rqg2", "summary": "Undertow HTTP server core doesn't properly validate the Host header in incoming HTTP requests\nA flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.", "aliases": [ { "alias": "CVE-2025-12543" }, { "alias": "GHSA-j382-5jj3-vw4j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62126?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.2.39.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-tc7q-5xss-nyfh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.2.39.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/62132?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.3.21.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-tc7q-5xss-nyfh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.21.Final" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62495?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.3.0.Alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vrj-chs2-d3ab" }, { "vulnerability": "VCID-2cv5-9v62-kfbm" }, { "vulnerability": "VCID-5585-a76n-zubf" }, { "vulnerability": "VCID-brsa-ygcs-wudx" }, { "vulnerability": "VCID-bsd5-k44s-buhu" }, { "vulnerability": "VCID-d3ty-z2dg-vka1" }, { "vulnerability": "VCID-df16-86dz-nfc9" }, { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-tc7q-5xss-nyfh" }, { "vulnerability": "VCID-whcc-r17q-gffx" }, { "vulnerability": "VCID-xftw-raz7-b7e1" }, { "vulnerability": "VCID-xme8-usmd-vqg3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.0.Alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/62129?format=api", "purl": "pkg:maven/io.undertow/undertow-core@2.4.0.Alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-tc7q-5xss-nyfh" }, { "vulnerability": "VCID-whcc-r17q-gffx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.4.0.Alpha1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87487?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87505?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87486?format=api", "purl": "pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.39-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87370?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rvj-nz7h-m7ek" }, { "vulnerability": "VCID-8p2e-63th-gqge" }, { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-pwnn-qx48-ykae" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" }, { "vulnerability": "VCID-qqu7-yqc6-rqab" }, { "vulnerability": "VCID-wnc6-kzv8-3qen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87372?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1?arch=el7eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rvj-nz7h-m7ek" }, { "vulnerability": "VCID-8p2e-63th-gqge" }, { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-pwnn-qx48-ykae" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" }, { "vulnerability": "VCID-qqu7-yqc6-rqab" }, { "vulnerability": "VCID-wnc6-kzv8-3qen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1%3Farch=el7eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87373?format=api", "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rvj-nz7h-m7ek" }, { "vulnerability": "VCID-8p2e-63th-gqge" }, { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-pwnn-qx48-ykae" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" }, { "vulnerability": "VCID-qqu7-yqc6-rqab" }, { "vulnerability": "VCID-wnc6-kzv8-3qen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.4.24-4.GA_redhat_00002.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87492?format=api", "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87469?format=api", "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87491?format=api", "purl": "pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87471?format=api", "purl": "pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87502?format=api", "purl": "pkg:rpm/redhat/eap8-bouncycastle@1.83.0-1.redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-bouncycastle@1.83.0-1.redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87482?format=api", "purl": "pkg:rpm/redhat/eap8-bouncycastle@1.83.0-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-bouncycastle@1.83.0-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87484?format=api", "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87503?format=api", "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87478?format=api", "purl": "pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87499?format=api", "purl": "pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87504?format=api", "purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-2.jre_redhat_00003.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-guava-libraries@33.0.0-2.jre_redhat_00003.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87485?format=api", "purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-2.jre_redhat_00003.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-guava-libraries@33.0.0-2.jre_redhat_00003.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87483?format=api", "purl": "pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87501?format=api", "purl": "pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87490?format=api", "purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87472?format=api", "purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87498?format=api", "purl": "pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87475?format=api", "purl": "pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" }, { "vulnerability": "VCID-qh9g-f6d2-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87479?format=api", "purl": "pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87497?format=api", "purl": "pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87500?format=api", "purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87481?format=api", "purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87496?format=api", "purl": "pkg:rpm/redhat/eap8-slf4j-jboss-logmanager@2.0.2-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-slf4j-jboss-logmanager@2.0.2-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87480?format=api", "purl": "pkg:rpm/redhat/eap8-slf4j-jboss-logmanager@2.0.2-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-slf4j-jboss-logmanager@2.0.2-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87488?format=api", "purl": "pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87468?format=api", "purl": "pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87477?format=api", "purl": "pkg:rpm/redhat/eap8-undertow@2.3.23-1.SP3_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-undertow@2.3.23-1.SP3_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87474?format=api", "purl": "pkg:rpm/redhat/eap8-undertow@2.3.23-1.SP3_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-undertow@2.3.23-1.SP3_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87489?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87467?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87494?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87470?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87473?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87493?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1%3Farch=el9eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87476?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1?arch=el8eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1%3Farch=el8eap" }, { "url": "http://public2.vulnerablecode.io/api/packages/87495?format=api", "purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1?arch=el9eap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-huxp-ctsp-fqay" }, { "vulnerability": "VCID-kk1t-t63f-rqg2" }, { "vulnerability": "VCID-ns3p-22xg-q3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1%3Farch=el9eap" } ], "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0383", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0384", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0386", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3889", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3890", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3891", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3892", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4915", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4916", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4917", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4924", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4924" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12543.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-12543", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-12543" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11777", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12346", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12441", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12408", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12298", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1221", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14112", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14684", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14774", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14602", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15577", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15671", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15596", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15555", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12543" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408784", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408784" }, { "reference_url": "https://github.com/undertow-io/undertow", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1857", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1857" }, { "reference_url": "https://github.com/undertow-io/undertow/pull/1860", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/pull/1860" }, { "reference_url": "https://github.com/undertow-io/undertow/releases/tag/2.2.39.Final", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/releases/tag/2.2.39.Final" }, { "reference_url": "https://github.com/undertow-io/undertow/releases/tag/2.3.21.Final", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/undertow-io/undertow/releases/tag/2.3.21.Final" }, { "reference_url": "https://issues.redhat.com/browse/UNDERTOW-2656", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.redhat.com/browse/UNDERTOW-2656" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12543", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12543" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125059", "reference_id": "1125059", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125059" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4", "reference_id": "cpe:/a:redhat:apache_camel_hawtio:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_spring_boot:4.14", "reference_id": "cpe:/a:redhat:apache_camel_spring_boot:4.14", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_spring_boot:4.14" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8", "reference_id": "cpe:/a:redhat:jboss_data_grid:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp", "reference_id": "cpe:/a:redhat:jbosseapxp", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9", "reference_id": "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "reference_id": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7", "reference_id": "cpe:/a:redhat:jboss_fuse:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7", "reference_id": "cpe:/a:redhat:red_hat_single_sign_on:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://github.com/advisories/GHSA-j382-5jj3-vw4j", "reference_id": "GHSA-j382-5jj3-vw4j", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j382-5jj3-vw4j" }, { "reference_url": "https://usn.ubuntu.com/8144-1/", "reference_id": "USN-8144-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8144-1/" } ], "weaknesses": [ { "cwe_id": 20, "name": "Improper Input Validation", "description": "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kk1t-t63f-rqg2" }