Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/33495?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33495?format=api", "vulnerability_id": "VCID-2t1b-135u-euem", "summary": "XStream can be used for Remote Code Execution\n### Impact\nThe vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.\n\n### Patches\nIf you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.14.\n\n### Workarounds\nNo user is affected, who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability.\n\nUsers of XStream 1.4.13 or below who still want to use XStream default blacklist can use a workaround depending on their version in use.\n\nUsers of XStream 1.4.13 can simply add two lines to XStream's setup code:\n```Java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\n```\nUsers of XStream 1.4.12 to 1.4.7 who want to use XStream with a black list will have to setup such a list from scratch and deny at least the following types: _javax.imageio.ImageIO$ContainsFilter_, _java.beans.EventHandler_, _java.lang.ProcessBuilder_, _java.lang.Void_ and _void_.\n```Java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\n```\nUsers of XStream 1.4.6 or below can register an own converter to prevent the unmarshalling of the currently know critical types of the Java runtime. It is in fact an updated version of the workaround for CVE-2013-7285:\n```Java\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null && (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class || type == java.lang.Void.class || void.class || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || Proxy.isProxy(type));\n }\n\n public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);\n```\n\n### Credits\nChen L found and reported the issue to XStream and provided the required information to reproduce it. He was supported by Zhihong Tian and Hui Lu, both from Guangzhou University.\n\n### References\nSee full information about the nature of the vulnerability and the steps to reproduce it in XStream's documentation for [CVE-2020-26217](https://x-stream.github.io/CVE-2020-26217.html).\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [XStream](https://github.com/x-stream/xstream/issues)\n* Contact us at [XStream Google Group](https://groups.google.com/group/xstream-user)", "aliases": [ { "alias": "CVE-2020-26217" }, { "alias": "GHSA-mw36-7c6c-q4q2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037864?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.11.1-1%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.11.1-1%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/929321?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049293?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.15-3%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.15-3%252Bdeb11u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/929316?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.15-3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.15-3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929314?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.20-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.20-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929317?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/73278?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.14-java7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.14-java7" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035876?format=api", "purl": "pkg:deb/debian/libxstream-java@1.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.3-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035877?format=api", "purl": "pkg:deb/debian/libxstream-java@1.3.1-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.3.1-6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035878?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.2-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035879?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.7-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.7-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035880?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.7-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.7-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037863?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.9-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.9-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037864?format=api", "purl": "pkg:deb/debian/libxstream-java@1.4.11.1-1%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxstream-java@1.4.11.1-1%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/186496?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/186497?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186498?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/186499?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186500?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186501?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/186502?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/186503?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/186504?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186505?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/186506?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/186507?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186508?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/186509?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/186510?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/186511?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/186512?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/186513?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/36465?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/36466?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/208812?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" }, { "vulnerability": "VCID-znut-tkpq-b7cu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/73407?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-nn7p-d7hz-53d5" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/73378?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-bdv1-cuyk-sqc1" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-y8ub-2kad-kqbs" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/221739?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.10-java7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.10-java7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79176?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/221740?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.11-java7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.11-java7" }, { "url": "http://public2.vulnerablecode.io/api/packages/221741?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/221742?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/221743?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.12-java7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.12-java7" }, { "url": "http://public2.vulnerablecode.io/api/packages/221744?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/221745?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.13-java7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.13-java7" }, { "url": "http://public2.vulnerablecode.io/api/packages/221746?format=api", "purl": "pkg:maven/com.thoughtworks.xstream/xstream@1.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12bx-r37t-3ygm" }, { "vulnerability": "VCID-2t1b-135u-euem" }, { "vulnerability": "VCID-6mz4-fu3s-vycx" }, { "vulnerability": "VCID-7ma6-2uv1-sbef" }, { "vulnerability": "VCID-8gha-n6ke-nucu" }, { "vulnerability": "VCID-9442-1vwr-5fbt" }, { "vulnerability": "VCID-c5tu-31kw-mfcf" }, { "vulnerability": "VCID-dxpe-qmxq-ykax" }, { "vulnerability": "VCID-eeye-wfxf-x7cc" }, { "vulnerability": "VCID-exrn-u19r-wfd8" }, { "vulnerability": "VCID-f779-wcjk-kfc1" }, { "vulnerability": "VCID-fcg2-x3s5-wudk" }, { "vulnerability": "VCID-hqzr-vc5w-9ff5" }, { "vulnerability": "VCID-hsja-ryzy-7bbx" }, { "vulnerability": "VCID-mfub-hwcq-pqbt" }, { "vulnerability": "VCID-na6t-mkxt-3qbw" }, { "vulnerability": "VCID-npjx-vkrd-9bae" }, { "vulnerability": "VCID-nrf7-heu6-vfdc" }, { "vulnerability": "VCID-qh44-75jb-wbhf" }, { "vulnerability": "VCID-qvbb-jhkk-2udw" }, { "vulnerability": "VCID-qwp5-wae9-cffb" }, { "vulnerability": "VCID-re5g-6kjz-q7e8" }, { "vulnerability": "VCID-rfc1-r1gr-wffp" }, { "vulnerability": "VCID-sqb5-brnu-vfbk" }, { "vulnerability": "VCID-u5yy-xx6z-dfh6" }, { "vulnerability": "VCID-v7za-zjfx-mqek" }, { "vulnerability": "VCID-vn1d-9uf5-gbce" }, { "vulnerability": "VCID-vpxs-6wcf-ckh9" }, { "vulnerability": "VCID-wehr-d623-akaj" }, { "vulnerability": "VCID-xdpy-sx55-b3ac" }, { "vulnerability": "VCID-xsr8-3cke-33ck" }, { "vulnerability": "VCID-yb4j-92y9-nfb5" }, { "vulnerability": "VCID-yuwe-6pp1-bke2" }, { "vulnerability": "VCID-zm9c-xw64-5qcc" }, { "vulnerability": "VCID-zmh2-t17w-wue1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.thoughtworks.xstream/xstream@1.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/101359?format=api", "purl": "pkg:rpm/redhat/xstream@1.3.1-12?arch=el7_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2t1b-135u-euem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xstream@1.3.1-12%3Farch=el7_9" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93008", "scoring_system": "epss", "scoring_elements": "0.99782", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.93008", "scoring_system": "epss", "scoring_elements": "0.99785", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.93008", "scoring_system": "epss", "scoring_elements": "0.99784", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.93008", "scoring_system": "epss", "scoring_elements": "0.99783", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.93008", "scoring_system": "epss", "scoring_elements": "0.99781", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.93171", "scoring_system": "epss", "scoring_elements": "0.99803", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.93171", "scoring_system": "epss", "scoring_elements": "0.99802", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/x-stream/xstream", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/x-stream/xstream" }, { "reference_url": "https://github.com/x-stream/xstream/commit/0fec095d534126931c99fd38e9c6d41f5c685c1a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/x-stream/xstream/commit/0fec095d534126931c99fd38e9c6d41f5c685c1a" }, { "reference_url": "https://github.com/x-stream/xstream/security/advisories/GHSA-mw36-7c6c-q4q2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-mw36-7c6c-q4q2" }, { "reference_url": "https://lists.apache.org/thread.html/r2de526726e7f4db4a7cb91b7355070779f51a84fd985c6529c2f4e9e@%3Cissues.activemq.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2de526726e7f4db4a7cb91b7355070779f51a84fd985c6529c2f4e9e@%3Cissues.activemq.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7c9fc255edc0b9cd9567093d131f6d33fde4c662aaf912460ef630e9@%3Ccommits.camel.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7c9fc255edc0b9cd9567093d131f6d33fde4c662aaf912460ef630e9@%3Ccommits.camel.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r826a006fda71cc96fc87b6eca4b5d195f19a292ad36cea501682c38c@%3Cissues.activemq.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r826a006fda71cc96fc87b6eca4b5d195f19a292ad36cea501682c38c@%3Cissues.activemq.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/redde3609b89b2a4ff18b536a06ef9a77deb93d47fda8ed28086fa8c3@%3Cissues.activemq.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/redde3609b89b2a4ff18b536a06ef9a77deb93d47fda8ed28086fa8c3@%3Cissues.activemq.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00001.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26217", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26217" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210409-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210409-0004" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4811", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4811" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://x-stream.github.io/CVE-2020-26217.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://x-stream.github.io/CVE-2020-26217.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898907", "reference_id": "1898907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898907" }, { "reference_url": "https://github.com/advisories/GHSA-mw36-7c6c-q4q2", "reference_id": "GHSA-mw36-7c6c-q4q2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mw36-7c6c-q4q2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0105", "reference_id": "RHSA-2021:0105", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0105" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0106", "reference_id": "RHSA-2021:0106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0162", "reference_id": "RHSA-2021:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0384", "reference_id": "RHSA-2021:0384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0433", "reference_id": "RHSA-2021:0433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3205", "reference_id": "RHSA-2021:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4767", "reference_id": "RHSA-2021:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://usn.ubuntu.com/4714-1/", "reference_id": "USN-4714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4714-1/" }, { "reference_url": "https://usn.ubuntu.com/4943-1/", "reference_id": "USN-4943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4943-1/" }, { "reference_url": "https://usn.ubuntu.com/6978-1/", "reference_id": "USN-6978-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6978-1/" } ], "weaknesses": [ { "cwe_id": 78, "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." }, { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 9.0", "exploitability": "2.0", "weighted_severity": "8.1", "risk_score": 10.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2t1b-135u-euem" }