{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41948?format=json","vulnerability_id":"VCID-1h2x-c7nu-5fd3","summary":"Improper Input Validation and Injection in Apache Log4j2\nApache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.","aliases":[{"alias":"CVE-2021-44832"},{"alias":"GHSA-8489-44mv-ggj8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/898541?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpjn-vu9d-zyc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/88124?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88128?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88122?format=json","purl":"pkg:deb/debian/apache-log4j2@2.19.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpjn-vu9d-zyc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.19.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/59949?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/59950?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.4"},{"url":"http://public2.vulnerablecode.io/api/packages/59951?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"},{"url":"http://public2.vulnerablecode.io/api/packages/59775?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cvjd-bcvv-auev"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/59880?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cvjd-bcvv-auev"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.9"},{"url":"http://public2.vulnerablecode.io/api/packages/59959?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.13"},{"url":"http://public2.vulnerablecode.io/api/packages/59960?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.14"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5419?format=json","purl":"pkg:deb/debian/apache-log4j2@2.0~beta9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.0~beta9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/5420?format=json","purl":"pkg:deb/debian/apache-log4j2@2.7-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.7-2"},{"url":"http://public2.vulnerablecode.io/api/packages/5421?format=json","purl":"pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache-log4j2@2.17.1-1~deb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/59946?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-h4pp-n8w2-gkhr"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta7"},{"url":"http://public2.vulnerablecode.io/api/packages/253614?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-h4pp-n8w2-gkhr"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta8"},{"url":"http://public2.vulnerablecode.io/api/packages/73028?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-h4pp-n8w2-gkhr"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-beta9"},{"url":"http://public2.vulnerablecode.io/api/packages/253615?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-h4pp-n8w2-gkhr"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/253616?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-h4pp-n8w2-gkhr"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0-rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/64295?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/246849?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/246850?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/246851?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/246852?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/246853?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/59764?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/59947?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/246854?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/246855?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/246856?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/246857?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/246858?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/246859?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/246860?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/246861?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-bubv-9mb8-2bgh"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/76424?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/253617?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/253618?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/253619?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/253620?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/253621?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/253622?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/253623?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/253624?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/59765?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/59877?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.12.3"},{"url":"http://public2.vulnerablecode.io/api/packages/59948?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/253625?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"},{"vulnerability":"VCID-yvpr-28au-57cc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/77170?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.2"},{"url":"http://public2.vulnerablecode.io/api/packages/549454?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.3"},{"url":"http://public2.vulnerablecode.io/api/packages/549455?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/549456?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/59763?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/59804?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/59878?format=json","purl":"pkg:maven/org.apache.logging.log4j/log4j-core@2.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-bpjn-vu9d-zyc9"},{"vulnerability":"VCID-k88w-sf7h-dken"},{"vulnerability":"VCID-p2pt-hvun-aybq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.logging.log4j/log4j-core@2.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/59771?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/547779?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/547780?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/547781?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/547782?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/547783?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/547784?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/547785?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/547786?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/547787?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/59772?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/547788?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/547789?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/547790?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/547791?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.4"},{"url":"http://public2.vulnerablecode.io/api/packages/547792?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.5"},{"url":"http://public2.vulnerablecode.io/api/packages/547793?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.6"},{"url":"http://public2.vulnerablecode.io/api/packages/547794?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.7"},{"url":"http://public2.vulnerablecode.io/api/packages/59776?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/59773?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/547795?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/547796?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/547797?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.3"},{"url":"http://public2.vulnerablecode.io/api/packages/547798?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.4"},{"url":"http://public2.vulnerablecode.io/api/packages/547799?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.5"},{"url":"http://public2.vulnerablecode.io/api/packages/547800?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.6"},{"url":"http://public2.vulnerablecode.io/api/packages/547801?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.7"},{"url":"http://public2.vulnerablecode.io/api/packages/547802?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.8"},{"url":"http://public2.vulnerablecode.io/api/packages/547803?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.9"},{"url":"http://public2.vulnerablecode.io/api/packages/59777?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-e9hn-47hj-jbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.10"},{"url":"http://public2.vulnerablecode.io/api/packages/59822?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.11"},{"url":"http://public2.vulnerablecode.io/api/packages/59881?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@1.11.12"},{"url":"http://public2.vulnerablecode.io/api/packages/59774?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/547804?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/547805?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/547806?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/547807?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/547808?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/547809?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/547810?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/547811?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/547812?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/547813?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-cvjd-bcvv-auev"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-m99z-sjft-8fbs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/59778?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-e9hn-47hj-jbbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/59823?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-abbg-jx1x-2qfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/59882?format=json","purl":"pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.ops4j.pax.logging/pax-logging-log4j2@2.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/134633?format=json","purl":"pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-4kg8-pt48-sqdw"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-d1ur-tzx5-qkgj"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-eje8-2hub-j7ag"},{"vulnerability":"VCID-mebx-kds2-f3ee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/134753?format=json","purl":"pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1h2x-c7nu-5fd3"},{"vulnerability":"VCID-4kg8-pt48-sqdw"},{"vulnerability":"VCID-abbg-jx1x-2qfh"},{"vulnerability":"VCID-d1ur-tzx5-qkgj"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-eje8-2hub-j7ag"},{"vulnerability":"VCID-mebx-kds2-f3ee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1%3Farch=el7eap"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44832.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44832","reference_id":"","reference_type":"","scores":[{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98035","published_at":"2026-06-04T12:55:00Z"},{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98039","published_at":"2026-06-07T12:55:00Z"},{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98038","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44832"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/logging-log4j2","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/logging-log4j2"},{"reference_url":"https://issues.apache.org/jira/browse/LOG4J2-3293","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://issues.apache.org/jira/browse/LOG4J2-3293"},{"reference_url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220104-0001","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220104-0001"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/12/28/1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/12/28/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002813","reference_id":"1002813","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002813"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035951","reference_id":"2035951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035951"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832","reference_id":"CVE-2021-44832","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44832"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/","reference_id":"EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"},{"reference_url":"https://github.com/advisories/GHSA-8489-44mv-ggj8","reference_id":"GHSA-8489-44mv-ggj8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8489-44mv-ggj8"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220104-0001/","reference_id":"ntap-20220104-0001","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220104-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0083","reference_id":"RHSA-2022:0083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0138","reference_id":"RHSA-2022:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0181","reference_id":"RHSA-2022:0181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0203","reference_id":"RHSA-2022:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0205","reference_id":"RHSA-2022:0205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0216","reference_id":"RHSA-2022:0216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0222","reference_id":"RHSA-2022:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0223","reference_id":"RHSA-2022:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0225","reference_id":"RHSA-2022:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0226","reference_id":"RHSA-2022:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0227","reference_id":"RHSA-2022:0227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0230","reference_id":"RHSA-2022:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0236","reference_id":"RHSA-2022:0236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0467","reference_id":"RHSA-2022:0467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0485","reference_id":"RHSA-2022:0485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0493","reference_id":"RHSA-2022:0493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1296","reference_id":"RHSA-2022:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1297","reference_id":"RHSA-2022:1297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1299","reference_id":"RHSA-2022:1299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1299"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/","reference_id":"T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:53:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"},{"reference_url":"https://usn.ubuntu.com/5222-1/","reference_id":"USN-5222-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5222-1/"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":74,"name":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","description":"The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":78,"name":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","description":"The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1h2x-c7nu-5fd3"}