Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-cf4e-n3d4-x7fq

Summary

Undertow Uncontrolled Resource Consumption Vulnerability
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available.

At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.

Aliases

alias	CVE-2024-1635

alias	GHSA-w6qf-42m7-vh68

Fixed_packages

url	pkg:deb/debian/undertow@2.3.18-1?distro=sid
purl	pkg:deb/debian/undertow@2.3.18-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.18-1%3Fdistro=sid

url	pkg:deb/debian/undertow@2.3.20-1?distro=sid
purl	pkg:deb/debian/undertow@2.3.20-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/undertow@2.3.20-1%3Fdistro=sid

url	pkg:maven/io.undertow/undertow-core@2.2.31.Final
purl	pkg:maven/io.undertow/undertow-core@2.2.31.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.2.31.Final

url	pkg:maven/io.undertow/undertow-core@2.3.12.Final
purl	pkg:maven/io.undertow/undertow-core@2.3.12.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.12.Final

Affected_packages

url pkg:maven/io.undertow/undertow-core@2.3.0.Final

purl pkg:maven/io.undertow/undertow-core@2.3.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cf4e-n3d4-x7fq

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.undertow/undertow-core@2.3.0.Final

url pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.016-1.redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.016-1.redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.016-1.redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-artemis-native@1:1.5.5.016-1.redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-artemis-native@1:1.5.5.016-1.redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-artemis-native@1:1.5.5.016-1.redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-3.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-3.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-5.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-3.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-5.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1?arch=el7eap

purl pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-16.Final_redhat_00017.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.11-1.Final_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.11-1.Final_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.11-1.Final_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jsoup@1.14.2-1.redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jsoup@1.14.2-1.redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jsoup@1.14.2-1.redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1?arch=el7eap

purl pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-5.Final_redhat_00003.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-undertow@1.4.18-14.SP13_redhat_00001.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-undertow@1.4.18-14.SP13_redhat_00001.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.4.18-14.SP13_redhat_00001.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.0.41-4.SP5_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el8eap

purl pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el8eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38u7-pvx6-ayb4

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ufjr-4tdy-q7hx

vulnerability	VCID-yrfg-zshw-tygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1%3Farch=el8eap

url pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38u7-pvx6-ayb4

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ufjr-4tdy-q7hx

vulnerability	VCID-yrfg-zshw-tygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el9eap

purl pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1?arch=el9eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38u7-pvx6-ayb4

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ufjr-4tdy-q7hx

vulnerability	VCID-yrfg-zshw-tygb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1%3Farch=el9eap

url pkg:rpm/redhat/eap7-wildfly@7.1.10-2.GA_redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-wildfly@7.1.10-2.GA_redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.1.10-2.GA_redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1?arch=el7eap

purl pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.14-3.GA_redhat_00002.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1?arch=el7eap

purl pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-6y93-ewt4-5kaz

vulnerability	VCID-87dy-43px-e7gv

vulnerability	VCID-8fr2-v728-cfcc

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-fmhu-72zm-wucj

vulnerability	VCID-fp7h-pcay-kfgj

vulnerability	VCID-n3fq-7exc-qyan

vulnerability	VCID-r2k1-7y3z-77hh

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-zfjn-asm3-4kfu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-elytron@1.10.17-1.Final_redhat_00001.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-woodstox-core@5.0.3-2.redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-woodstox-core@5.0.3-2.redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-woodstox-core@5.0.3-2.redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-xml-security@2.0.10-2.redhat_00002.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-xml-security@2.0.10-2.redhat_00002.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-52hy-69kb-byee

vulnerability	VCID-5cgf-6rth-nyfg

vulnerability	VCID-5r6b-8ze2-ruhw

vulnerability	VCID-6wpa-h8xy-kfh2

vulnerability	VCID-apmf-stq4-8udt

vulnerability	VCID-ast2-qxn7-m3ar

vulnerability	VCID-c4ms-cx82-n7bm

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-ewgw-1sk9-dqhe

vulnerability	VCID-gpvy-v7xt-ekc8

vulnerability	VCID-j3w4-fpgm-bqf9

vulnerability	VCID-swy1-8ztq-5qgn

vulnerability	VCID-tqvr-tetp-8ugb

vulnerability	VCID-vb58-6kfn-7uaj

vulnerability	VCID-wvzn-b6g3-37gr

vulnerability	VCID-wz1m-11gx-cfd2

vulnerability	VCID-y7gj-gcwm-8fde

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-xml-security@2.0.10-2.redhat_00002.1.ep7%3Farch=el7

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el8sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el8sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-dt1x-6344-fkda

vulnerability	VCID-kbc1-6psh-17d8

vulnerability	VCID-nw1y-zwsy-auff

vulnerability	VCID-y5qk-qy59-23hn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1%3Farch=el8sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el9sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el9sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-dt1x-6344-fkda

vulnerability	VCID-kbc1-6psh-17d8

vulnerability	VCID-nw1y-zwsy-auff

vulnerability	VCID-y5qk-qy59-23hn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1%3Farch=el9sso

url pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el7sso

purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1?arch=el7sso

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cf4e-n3d4-x7fq

vulnerability	VCID-dt1x-6344-fkda

vulnerability	VCID-kbc1-6psh-17d8

vulnerability	VCID-nw1y-zwsy-auff

vulnerability	VCID-y5qk-qy59-23hn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.13-1.redhat_00001.1%3Farch=el7sso

References

reference_url

https://access.redhat.com/errata/RHSA-2024:1674

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1674

reference_url

https://access.redhat.com/errata/RHSA-2024:1675

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1675

reference_url

https://access.redhat.com/errata/RHSA-2024:1676

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1676

reference_url

https://access.redhat.com/errata/RHSA-2024:1677

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1677

reference_url

https://access.redhat.com/errata/RHSA-2024:1860

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1860

reference_url

https://access.redhat.com/errata/RHSA-2024:1861

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1861

reference_url

https://access.redhat.com/errata/RHSA-2024:1862

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1862

reference_url

https://access.redhat.com/errata/RHSA-2024:1864

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1864

reference_url

https://access.redhat.com/errata/RHSA-2024:1866

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:1866

reference_url

https://access.redhat.com/errata/RHSA-2024:3354

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:3354

reference_url

https://access.redhat.com/errata/RHSA-2024:4884

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2024:4884

reference_url

https://access.redhat.com/errata/RHSA-2025:4226

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/errata/RHSA-2025:4226

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1635.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1635.json

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2264928

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2264928

reference_url

https://github.com/undertow-io/undertow

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/undertow-io/undertow

reference_url

https://github.com/undertow-io/undertow/commit/3cdb104e225f34547ce9fd6eb8799eb68e040f19

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/undertow-io/undertow/commit/3cdb104e225f34547ce9fd6eb8799eb68e040f19

reference_url

https://github.com/undertow-io/undertow/commit/7d388c5aae9b82afb63f24e3b6a2044838dfb4de

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/undertow-io/undertow/commit/7d388c5aae9b82afb63f24e3b6a2044838dfb4de

reference_url

https://security.netapp.com/advisory/ntap-20240322-0007

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240322-0007

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068817
reference_id	1068817
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068817

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
reference_id	cpe:/a:redhat:amq_streams:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_spring_boot:4.4::el6
reference_id	cpe:/a:redhat:apache_camel_spring_boot:4.4::el6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_spring_boot:4.4::el6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:
reference_id	cpe:/a:redhat:build_keycloak:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_quarkus:2
reference_id	cpe:/a:redhat:camel_quarkus:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_quarkus:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_quarkus:3
reference_id	cpe:/a:redhat:camel_quarkus:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_quarkus:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_spring_boot:3
reference_id	cpe:/a:redhat:camel_spring_boot:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_spring_boot:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_spring_boot:4
reference_id	cpe:/a:redhat:camel_spring_boot:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_spring_boot:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1
reference_id	cpe:/a:redhat:integration:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
reference_id	cpe:/a:redhat:jboss_data_grid:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id	cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:7.4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id	cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id	cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
reference_id	cpe:/a:redhat:jboss_fuse_service_works:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6
reference_id	cpe:/a:redhat:optaplanner:::el6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:2
reference_id	cpe:/a:redhat:quarkus:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:3
reference_id	cpe:/a:redhat:quarkus:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id	cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id	cpe:/a:redhat:serverless:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2
reference_id	cpe:/a:redhat:service_registry:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2

reference_url

https://access.redhat.com/security/cve/CVE-2024-1635

reference_id

CVE-2024-1635

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:05Z/

url

https://access.redhat.com/security/cve/CVE-2024-1635

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-1635

reference_id

CVE-2024-1635

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-1635

reference_url

https://github.com/advisories/GHSA-w6qf-42m7-vh68

reference_id

GHSA-w6qf-42m7-vh68

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w6qf-42m7-vh68

Weaknesses

cwe_id	400
name	Uncontrolled Resource Consumption
description	The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cf4e-n3d4-x7fq

Vulnerability Instance