{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42823?format=json","vulnerability_id":"VCID-e4uj-ak3b-gqd6","summary":"Insufficient Session Expiration\nA flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].","aliases":[{"alias":"CVE-2021-3461"},{"alias":"GHSA-cm29-6wx7-p874"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3971?format=json","purl":"pkg:alpm/archlinux/keycloak@13.0.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cxx9-9gwy-xyb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@13.0.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/61225?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ba6-j1fs-2kfc"},{"vulnerability":"VCID-361y-pegm-gqbs"},{"vulnerability":"VCID-3kg4-uvgq-5khf"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-7662-z35s-9qeq"},{"vulnerability":"VCID-7pje-w98s-9ueg"},{"vulnerability":"VCID-8jvu-59r6-rygw"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9cgx-nsyr-gyc3"},{"vulnerability":"VCID-9wq8-wqya-87dw"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-ch1b-adh9-skah"},{"vulnerability":"VCID-crj8-4jaa-yyes"},{"vulnerability":"VCID-cxx9-9gwy-xyb6"},{"vulnerability":"VCID-d5ev-gcfy-6ke1"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-gr2e-ntp4-9fdg"},{"vulnerability":"VCID-hjue-s41w-bye9"},{"vulnerability":"VCID-hxup-rgnc-mqbp"},{"vulnerability":"VCID-jbzy-b52n-4kcx"},{"vulnerability":"VCID-jm25-gtrc-zuhh"},{"vulnerability":"VCID-k6ct-rgvj-t3an"},{"vulnerability":"VCID-mwdj-rztg-pfgf"},{"vulnerability":"VCID-nkbw-r99s-n3fc"},{"vulnerability":"VCID-qjhb-ubp5-ukdy"},{"vulnerability":"VCID-rhrz-f6tf-tkhu"},{"vulnerability":"VCID-vs8q-ywf1-3qa2"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-x4z9-b3qr-fybk"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-xvvs-ttw1-wkbt"},{"vulnerability":"VCID-y9de-4w6u-abfa"},{"vulnerability":"VCID-zabp-1j4k-9bf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61241?format=json","purl":"pkg:maven/org.keycloak/keycloak-model-infinispan@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-t8wj-9vkr-hbc6"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-model-infinispan@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61235?format=json","purl":"pkg:maven/org.keycloak/keycloak-model-jpa@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3kg4-uvgq-5khf"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-fsfu-9hr9-2qcr"},{"vulnerability":"VCID-gr2e-ntp4-9fdg"},{"vulnerability":"VCID-hjue-s41w-bye9"},{"vulnerability":"VCID-pq67-ngsq-cbe4"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-y9de-4w6u-abfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-model-jpa@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/58359?format=json","purl":"pkg:maven/org.keycloak/keycloak-parent@14.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a4q-f36b-43aq"},{"vulnerability":"VCID-1bps-7j9p-a3b6"},{"vulnerability":"VCID-2ju8-s2gd-b3ee"},{"vulnerability":"VCID-48jh-8c96-3bc9"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-kfxs-f5j7-mfhu"},{"vulnerability":"VCID-ku7s-gnhp-a3du"},{"vulnerability":"VCID-qjhb-ubp5-ukdy"},{"vulnerability":"VCID-rt61-271c-nkgk"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-yn28-fcm1-zfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-parent@14.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61220?format=json","purl":"pkg:maven/org.keycloak/keycloak-saml-core-public@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361y-pegm-gqbs"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-jfsk-9epz-t7a8"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-saml-core-public@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61222?format=json","purl":"pkg:maven/org.keycloak/keycloak-server-spi-private@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3kg4-uvgq-5khf"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-gr2e-ntp4-9fdg"},{"vulnerability":"VCID-hjue-s41w-bye9"},{"vulnerability":"VCID-jue7-bmnv-hqcy"},{"vulnerability":"VCID-kf26-bvty-a3g9"},{"vulnerability":"VCID-pq67-ngsq-cbe4"},{"vulnerability":"VCID-uxs4-bydz-tbh4"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-y9de-4w6u-abfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-server-spi-private@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61244?format=json","purl":"pkg:maven/org.keycloak/keycloak-services@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12yb-w8kt-jyg3"},{"vulnerability":"VCID-1fwh-a287-5qgt"},{"vulnerability":"VCID-1u7p-4qg4-yqbv"},{"vulnerability":"VCID-2kyy-pzzx-n7gr"},{"vulnerability":"VCID-2xg4-ad4r-4kce"},{"vulnerability":"VCID-2xvq-t8jp-zfbj"},{"vulnerability":"VCID-36v6-qmgy-j3cv"},{"vulnerability":"VCID-3adr-h63v-c3eg"},{"vulnerability":"VCID-3kg4-uvgq-5khf"},{"vulnerability":"VCID-4hs9-48uu-8qbf"},{"vulnerability":"VCID-66zv-ra8w-s3b4"},{"vulnerability":"VCID-6dya-2u73-vbee"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-6kbf-zmzu-xbgt"},{"vulnerability":"VCID-7662-z35s-9qeq"},{"vulnerability":"VCID-7uk5-w4qh-8uhq"},{"vulnerability":"VCID-8ekh-fbbj-5yfb"},{"vulnerability":"VCID-9jrc-ayvh-e7dk"},{"vulnerability":"VCID-asmd-x6cy-dqdt"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-bebk-k27t-4qgf"},{"vulnerability":"VCID-bub5-f9wf-57d4"},{"vulnerability":"VCID-ch1b-adh9-skah"},{"vulnerability":"VCID-cs4b-u9hn-9ugy"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-dckx-y9zp-d7fy"},{"vulnerability":"VCID-dgdk-ahqm-9ken"},{"vulnerability":"VCID-dt1x-6344-fkda"},{"vulnerability":"VCID-dvk9-qsq9-4uc3"},{"vulnerability":"VCID-dwgd-79t9-d7a1"},{"vulnerability":"VCID-exeg-acrj-zkah"},{"vulnerability":"VCID-fkdm-gq5h-rbg7"},{"vulnerability":"VCID-g36a-kpzd-3bdf"},{"vulnerability":"VCID-ghak-3963-juhk"},{"vulnerability":"VCID-gr2e-ntp4-9fdg"},{"vulnerability":"VCID-gv5e-6w51-uydc"},{"vulnerability":"VCID-gyv4-k3na-eyhu"},{"vulnerability":"VCID-hjue-s41w-bye9"},{"vulnerability":"VCID-hr92-2apu-abg5"},{"vulnerability":"VCID-hxup-rgnc-mqbp"},{"vulnerability":"VCID-hzvd-ugxf-9fcd"},{"vulnerability":"VCID-j8hz-kys5-z3dr"},{"vulnerability":"VCID-jfsk-9epz-t7a8"},{"vulnerability":"VCID-jhzk-d1en-gkhj"},{"vulnerability":"VCID-jm25-gtrc-zuhh"},{"vulnerability":"VCID-jpky-uz5r-gbc8"},{"vulnerability":"VCID-jq8s-nkj4-j7h7"},{"vulnerability":"VCID-k6ct-rgvj-t3an"},{"vulnerability":"VCID-kbc1-6psh-17d8"},{"vulnerability":"VCID-kf26-bvty-a3g9"},{"vulnerability":"VCID-kmna-8rms-2bez"},{"vulnerability":"VCID-m24y-x4sk-2yd6"},{"vulnerability":"VCID-mt5g-24m9-tfbg"},{"vulnerability":"VCID-nw1y-zwsy-auff"},{"vulnerability":"VCID-pq67-ngsq-cbe4"},{"vulnerability":"VCID-pr4d-pmh8-yfeh"},{"vulnerability":"VCID-qjhb-ubp5-ukdy"},{"vulnerability":"VCID-s9bw-xmnt-xqbp"},{"vulnerability":"VCID-shsh-c1xa-xbes"},{"vulnerability":"VCID-sxtm-krnm-kff7"},{"vulnerability":"VCID-tv3h-kxj7-u7ct"},{"vulnerability":"VCID-tvba-94zp-t3hc"},{"vulnerability":"VCID-u2fq-9cjc-1kf6"},{"vulnerability":"VCID-ugpk-g4qu-x3b5"},{"vulnerability":"VCID-uxs4-bydz-tbh4"},{"vulnerability":"VCID-uya7-2sk1-6uat"},{"vulnerability":"VCID-v69z-xrfn-q3gu"},{"vulnerability":"VCID-vdjk-2v9a-xfdk"},{"vulnerability":"VCID-vs8q-ywf1-3qa2"},{"vulnerability":"VCID-vums-fzus-q7dn"},{"vulnerability":"VCID-w6nc-88yg-dkem"},{"vulnerability":"VCID-wcb5-wnjf-5uhm"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-wxaq-rrqq-pyah"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-xbmd-afn2-kfem"},{"vulnerability":"VCID-xk8n-4az9-zfh3"},{"vulnerability":"VCID-xmxb-sg5r-ufbt"},{"vulnerability":"VCID-xqks-vfap-aqb5"},{"vulnerability":"VCID-xymt-c6mk-73ff"},{"vulnerability":"VCID-y5qk-qy59-23hn"},{"vulnerability":"VCID-y9de-4w6u-abfa"},{"vulnerability":"VCID-zdyb-dh4t-5kam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-services@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61227?format=json","purl":"pkg:maven/org.keycloak/keycloak-wildfly-server-subsystem@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3kg4-uvgq-5khf"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-gr2e-ntp4-9fdg"},{"vulnerability":"VCID-hjue-s41w-bye9"},{"vulnerability":"VCID-jm25-gtrc-zuhh"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-y36z-qpqd-37cs"},{"vulnerability":"VCID-y9de-4w6u-abfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-wildfly-server-subsystem@10.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61229?format=json","purl":"pkg:npm/keycloak-connect@10.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-361y-pegm-gqbs"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-3ajr-7d59-8ycu"},{"vulnerability":"VCID-6gee-p7fr-1yhy"},{"vulnerability":"VCID-6vdm-7hxn-3kh3"},{"vulnerability":"VCID-7662-z35s-9qeq"},{"vulnerability":"VCID-azxv-y5rj-vkg9"},{"vulnerability":"VCID-b7wt-ds9h-9bcu"},{"vulnerability":"VCID-crj8-4jaa-yyes"},{"vulnerability":"VCID-dc8s-fqv5-1uhk"},{"vulnerability":"VCID-e5va-tex4-5yea"},{"vulnerability":"VCID-jm25-gtrc-zuhh"},{"vulnerability":"VCID-k6ct-rgvj-t3an"},{"vulnerability":"VCID-wt2c-cyu2-kbgm"},{"vulnerability":"VCID-xbkp-kjgd-fqcx"},{"vulnerability":"VCID-y9de-4w6u-abfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/keycloak-connect@10.0.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2402?format=json","purl":"pkg:alpm/archlinux/keycloak@13.0.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@13.0.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/61224?format=json","purl":"pkg:maven/org.keycloak/keycloak-core@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-core@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61240?format=json","purl":"pkg:maven/org.keycloak/keycloak-model-infinispan@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-model-infinispan@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61234?format=json","purl":"pkg:maven/org.keycloak/keycloak-model-jpa@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-model-jpa@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61219?format=json","purl":"pkg:maven/org.keycloak/keycloak-saml-core-public@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-saml-core-public@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61221?format=json","purl":"pkg:maven/org.keycloak/keycloak-server-spi-private@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-server-spi-private@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61243?format=json","purl":"pkg:maven/org.keycloak/keycloak-services@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-services@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61226?format=json","purl":"pkg:maven/org.keycloak/keycloak-wildfly-server-subsystem@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.keycloak/keycloak-wildfly-server-subsystem@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/61228?format=json","purl":"pkg:npm/keycloak-connect@9.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/keycloak-connect@9.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/137984?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"},{"vulnerability":"VCID-g36a-kpzd-3bdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1%3Farch=el7sso"},{"url":"http://public2.vulnerablecode.io/api/packages/137985?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"},{"vulnerability":"VCID-g36a-kpzd-3bdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/137986?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1?arch=el6sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4uj-ak3b-gqd6"},{"vulnerability":"VCID-g36a-kpzd-3bdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@9.0.13-1.redhat_00006.1%3Farch=el6sso"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3461.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3461","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1655","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16468","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941565","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941565"},{"reference_url":"https://github.com/keycloak/keycloak/issues/11203","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/keycloak/keycloak/issues/11203"},{"reference_url":"https://security.archlinux.org/ASA-202106-19","reference_id":"ASA-202106-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-19"},{"reference_url":"https://security.archlinux.org/AVG-1994","reference_id":"AVG-1994","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1994"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3461","reference_id":"CVE-2021-3461","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3461"},{"reference_url":"https://github.com/advisories/GHSA-cm29-6wx7-p874","reference_id":"GHSA-cm29-6wx7-p874","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cm29-6wx7-p874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2063","reference_id":"RHSA-2021:2063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2064","reference_id":"RHSA-2021:2064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2065","reference_id":"RHSA-2021:2065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2070","reference_id":"RHSA-2021:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2070"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":613,"name":"Insufficient Session Expiration","description":"According to WASC, Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"0.1 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4uj-ak3b-gqd6"}