{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5122?format=json","vulnerability_id":"VCID-akr4-z7v7-9qbc","summary":"Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.","aliases":[{"alias":"CVE-2013-0239"},{"alias":"GHSA-p5c5-6564-vvr8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/50597?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/50598?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/50599?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/20233?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/20234?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20235?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/219963?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/219964?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/219965?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/219966?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/219967?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/219968?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/219969?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/219970?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.7"},{"url":"http://public2.vulnerablecode.io/api/packages/219971?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.8"},{"url":"http://public2.vulnerablecode.io/api/packages/219972?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/54326?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/219973?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/219974?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/219975?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/219976?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/219977?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/219978?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/219979?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/219980?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/219981?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-n7kg-dj54-qybc"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/54327?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/219982?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/219983?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/219984?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.2.12"},{"url":"http://public2.vulnerablecode.io/api/packages/219985?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/219986?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/219987?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/219988?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/219989?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/219990?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/219991?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/219992?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/219993?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/219994?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/219995?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/219996?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.3.11"},{"url":"http://public2.vulnerablecode.io/api/packages/219997?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/219998?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/219999?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/220000?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/220001?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/220002?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/220003?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/220004?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/220005?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/220006?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/220007?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52214?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/220008?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/220009?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/220010?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/220011?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/220012?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/220013?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/220014?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/220015?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/50595?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/220017?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/220018?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/220019?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/220020?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/220021?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/50596?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/220031?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/220032?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-akr4-z7v7-9qbc"},{"vulnerability":"VCID-ay9n-qxb3-qucj"},{"vulnerability":"VCID-darq-bg13-x3fd"},{"vulnerability":"VCID-u5sk-1a1u-zuex"},{"vulnerability":"VCID-x3q1-vymh-jkew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxrs@2.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20230?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148345?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148346?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/148347?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/148348?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/148349?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/148350?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/148351?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/148352?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/148353?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/148354?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148355?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148356?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148357?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/148358?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/148359?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/148360?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20237?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/20242?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/20231?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148361?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148362?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148363?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/20239?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/20243?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/20232?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20241?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20244?format=json","purl":"pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ghg-a6dy-tkb2"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.cxf/cxf-rt-ws-security@2.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/124797?format=json","purl":"pkg:rpm/redhat/apache-cxf@2.4.9-6.redhat_3.ep6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/apache-cxf@2.4.9-6.redhat_3.ep6%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/124798?format=json","purl":"pkg:rpm/redhat/apache-cxf@2.4.9-6.redhat_3.ep6?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6dpm-n1kk-5fer"},{"vulnerability":"VCID-akr4-z7v7-9qbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/apache-cxf@2.4.9-6.redhat_3.ep6%3Farch=el5"}],"references":[{"reference_url":"http://osvdb.org/90078","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/90078"},{"reference_url":"http://packetstormsecurity.com/files/120214/Apache-CXF-WS-Security-UsernameToken-Bypass.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/120214/Apache-CXF-WS-Security-UsernameToken-Bypass.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0749.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0749.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0239.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0239","reference_id":"","reference_type":"","scores":[{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85868","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.8587","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85853","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85831","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85815","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85814","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85804","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.8578","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85787","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85764","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85771","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85917","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85882","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85719","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85756","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02653","scoring_system":"epss","scoring_elements":"0.85689","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0239","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0239"},{"reference_url":"http://seclists.org/fulldisclosure/2013/Feb/39","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2013/Feb/39"},{"reference_url":"http://secunia.com/advisories/51988","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51988"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/81981","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/81981"},{"reference_url":"https://github.com/apache/cxf","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/cxf"},{"reference_url":"https://github.com/apache/cxf/commit/295a4e2f9eb3e7e0513980202949ccc424dee2d4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/cxf/commit/295a4e2f9eb3e7e0513980202949ccc424dee2d4"},{"reference_url":"https://github.com/apache/cxf/commit/e4c6b3b0899ef2ba87c2610efc323b71c13dd421","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/cxf/commit/e4c6b3b0899ef2ba87c2610efc323b71c13dd421"},{"reference_url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1438424","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1438424"},{"reference_url":"https://web.archive.org/web/20200229102616/http://www.securityfocus.com/bid/57876","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229102616/http://www.securityfocus.com/bid/57876"},{"reference_url":"http://www.securityfocus.com/bid/57876","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=905722","reference_id":"905722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=905722"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:cxf:2.7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:cxf:2.7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0239","reference_id":"CVE-2013-0239","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0239"},{"reference_url":"http://cxf.apache.org/cve-2013-0239.html","reference_id":"CVE-2013-0239.HTML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://cxf.apache.org/cve-2013-0239.html"},{"reference_url":"https://github.com/advisories/GHSA-p5c5-6564-vvr8","reference_id":"GHSA-p5c5-6564-vvr8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5c5-6564-vvr8"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0644","reference_id":"RHSA-2013:0644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0645","reference_id":"RHSA-2013:0645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0649","reference_id":"RHSA-2013:0649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0749","reference_id":"RHSA-2013:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0749"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":287,"name":"Improper Authentication","description":"When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akr4-z7v7-9qbc"}