{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40309?format=json","vulnerability_id":"VCID-x63h-y2jy-pyaz","summary":"Moderate severity vulnerability that affects org.apache.httpcomponents:httpclient\nhttp/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.","aliases":[{"alias":"CVE-2015-5262"},{"alias":"GHSA-fmj5-wv96-r2ch"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/91802?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/580702?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-12"},{"url":"http://public2.vulnerablecode.io/api/packages/91798?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98646?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.3.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.3.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/516458?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.5.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/98643?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.5.13-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.13-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98641?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.5.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.5.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/56694?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.6"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6058?format=json","purl":"pkg:deb/debian/commons-httpclient@2.0a1%2B20020904-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@2.0a1%252B20020904-2"},{"url":"http://public2.vulnerablecode.io/api/packages/6059?format=json","purl":"pkg:deb/debian/commons-httpclient@3.0.1-0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.0.1-0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/6060?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-2"},{"url":"http://public2.vulnerablecode.io/api/packages/6061?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-9"},{"url":"http://public2.vulnerablecode.io/api/packages/6062?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-9%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-9%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/6063?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-10.2%2Bdeb7u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-10.2%252Bdeb7u2"},{"url":"http://public2.vulnerablecode.io/api/packages/6064?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-11"},{"url":"http://public2.vulnerablecode.io/api/packages/580700?format=json","purl":"pkg:deb/debian/commons-httpclient@3.1-11%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/commons-httpclient@3.1-11%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/6095?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.0.1-1squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"},{"vulnerability":"VCID-yrbr-vnty-ebfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.0.1-1squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/6096?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.1.1-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"},{"vulnerability":"VCID-yrbr-vnty-ebfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.1.1-2%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/6097?format=json","purl":"pkg:deb/debian/httpcomponents-client@4.3.5-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/httpcomponents-client@4.3.5-2"},{"url":"http://public2.vulnerablecode.io/api/packages/226555?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/226556?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha2"},{"url":"http://public2.vulnerablecode.io/api/packages/226557?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha3"},{"url":"http://public2.vulnerablecode.io/api/packages/226558?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-alpha4"},{"url":"http://public2.vulnerablecode.io/api/packages/226559?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/226560?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-rp7v-71b5-sqfd"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0-beta2"},{"url":"http://public2.vulnerablecode.io/api/packages/62454?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/226561?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/226562?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/226564?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/226566?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/226568?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-alpha2"},{"url":"http://public2.vulnerablecode.io/api/packages/226569?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/226570?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-318s-st8t-wke2"},{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/151303?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/226571?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/226572?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/226573?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/226574?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/226575?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/226576?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/226577?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-jd44-nhjx-3yfw"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/56720?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/226578?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/226579?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/226580?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/226581?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/226582?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/226583?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3-beta2"},{"url":"http://public2.vulnerablecode.io/api/packages/62651?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"},{"vulnerability":"VCID-yrbr-vnty-ebfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/62652?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/226584?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/226585?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/226586?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-mkuu-7x6y-7kc6"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/56731?format=json","purl":"pkg:maven/org.apache.httpcomponents/httpclient@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6amm-pfu5-6bf4"},{"vulnerability":"VCID-x63h-y2jy-pyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.httpcomponents/httpclient@4.3.5"}],"references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5262.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5262","reference_id":"","reference_type":"","scores":[{"value":"0.01199","scoring_system":"epss","scoring_elements":"0.7924","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01199","scoring_system":"epss","scoring_elements":"0.79226","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01199","scoring_system":"epss","scoring_elements":"0.79253","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01199","scoring_system":"epss","scoring_elements":"0.79259","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01199","scoring_system":"epss","scoring_elements":"0.79251","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1261538","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1261538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5262"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/httpcomponents-client/commit/09027e7286974bf6b61f4106395da2623121db8d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpcomponents-client/commit/09027e7286974bf6b61f4106395da2623121db8d"},{"reference_url":"https://github.com/apache/httpcomponents-client/commit/6705924879810f617a7a21d34f16b6c0d61e8d34","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpcomponents-client/commit/6705924879810f617a7a21d34f16b6c0d61e8d34"},{"reference_url":"https://github.com/apache/httpcomponents-client/commit/d954cd287dfcdad8f153e61181e20d253175ca8c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpcomponents-client/commit/d954cd287dfcdad8f153e61181e20d253175ca8c"},{"reference_url":"https://issues.apache.org/jira/browse/HTTPCLIENT-1478","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/jira/browse/HTTPCLIENT-1478"},{"reference_url":"https://jenkins.io/security/advisory/2018-02-26","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jenkins.io/security/advisory/2018-02-26"},{"reference_url":"https://jenkins.io/security/advisory/2018-02-26/","reference_id":"","reference_type":"","scores":[],"url":"https://jenkins.io/security/advisory/2018-02-26/"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1626784","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1626784"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.securitytracker.com/id/1033743","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1033743"},{"reference_url":"http://www.ubuntu.com/usn/USN-2769-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2769-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650","reference_id":"798650","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5262","reference_id":"CVE-2015-5262","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5262"},{"reference_url":"https://github.com/advisories/GHSA-fmj5-wv96-r2ch","reference_id":"GHSA-fmj5-wv96-r2ch","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fmj5-wv96-r2ch"},{"reference_url":"https://usn.ubuntu.com/2769-1/","reference_id":"USN-2769-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2769-1/"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":399,"name":"Resource Management Errors","description":"Weaknesses in this category are related to improper management of system resources."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":770,"name":"Allocation of Resources Without Limits or Throttling","description":"The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor."}],"exploits":[],"severity_range_score":"4.0 - 7.5","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x63h-y2jy-pyaz"}