{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72133?format=json","vulnerability_id":"VCID-5kns-j1rv-9ybf","summary":"The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.","aliases":[{"alias":"CVE-2021-42392"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516158?format=json","purl":"pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-sw4g-uf26-m3bw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/98248?format=json","purl":"pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/909384?format=json","purl":"pkg:deb/debian/h2database@1.4.197-4%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/98250?format=json","purl":"pkg:deb/debian/h2database@2.1.210-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.210-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98246?format=json","purl":"pkg:deb/debian/h2database@2.1.214-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.1.214-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98249?format=json","purl":"pkg:deb/debian/h2database@2.2.220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@2.2.220-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516157?format=json","purl":"pkg:deb/debian/h2database@1.4.193-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-sw4g-uf26-m3bw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.193-1"},{"url":"http://public2.vulnerablecode.io/api/packages/516158?format=json","purl":"pkg:deb/debian/h2database@1.4.197-4%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-sw4g-uf26-m3bw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/h2database@1.4.197-4%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/134429?format=json","purl":"pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-sw4g-uf26-m3bw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/134431?format=json","purl":"pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1?arch=el8eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-sw4g-uf26-m3bw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1%3Farch=el8eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126411?format=json","purl":"pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hal-console@3.2.17-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126418?format=json","purl":"pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-2.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126421?format=json","purl":"pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-core@2.10.4-2.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126420?format=json","purl":"pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-r94a-3fq2-efdg"},{"vulnerability":"VCID-uumb-j4ue-fbfe"},{"vulnerability":"VCID-w1c4-c4xs-yba4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-databind@2.10.4-4.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126423?format=json","purl":"pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-2.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126412?format=json","purl":"pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-4.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126415?format=json","purl":"pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-az78-umjq-z3bc"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-r94a-3fq2-efdg"},{"vulnerability":"VCID-uumb-j4ue-fbfe"},{"vulnerability":"VCID-w1c4-c4xs-yba4"},{"vulnerability":"VCID-yywj-jh4h-qbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-2.redhat_00004.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126422?format=json","purl":"pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"},{"vulnerability":"VCID-yywj-jh4h-qbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jettison@1.5.2-2.redhat_00002.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126426?format=json","purl":"pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-netty@4.1.63-4.Final_redhat_00002.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126413?format=json","purl":"pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-az78-umjq-z3bc"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-r94a-3fq2-efdg"},{"vulnerability":"VCID-uumb-j4ue-fbfe"},{"vulnerability":"VCID-w1c4-c4xs-yba4"},{"vulnerability":"VCID-yywj-jh4h-qbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.11.6-1.Final_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126424?format=json","purl":"pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-az78-umjq-z3bc"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/126417?format=json","purl":"pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1?arch=el7eap","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8n99-buv5-wkes"},{"vulnerability":"VCID-d2hp-jmtk-kfb9"},{"vulnerability":"VCID-e9hn-47hj-jbbc"},{"vulnerability":"VCID-hm4x-n9xk-ckes"},{"vulnerability":"VCID-m99z-sjft-8fbs"},{"vulnerability":"VCID-nbdw-rgrx-bkeb"},{"vulnerability":"VCID-r4xe-h69g-vfhk"},{"vulnerability":"VCID-uumb-j4ue-fbfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.3.12-3.GA_redhat_00002.1%3Farch=el7eap"},{"url":"http://public2.vulnerablecode.io/api/packages/130639?format=json","purl":"pkg:rpm/redhat/rh-sso7@1-5?arch=el9sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3dxq-vw4d-jfhq"},{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-c4ms-cx82-n7bm"},{"vulnerability":"VCID-r9dc-6tk9-qkeh"},{"vulnerability":"VCID-tqvr-tetp-8ugb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7@1-5%3Farch=el9sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130644?format=json","purl":"pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7?arch=el9sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3dxq-vw4d-jfhq"},{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-c4ms-cx82-n7bm"},{"vulnerability":"VCID-tqvr-tetp-8ugb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-javapackages-tools@6.0.0-7%3Farch=el9sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130640?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-kfxs-f5j7-mfhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el7sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130643?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-kfxs-f5j7-mfhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@15.0.8-1.redhat_00001.1%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130638?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el9sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3dxq-vw4d-jfhq"},{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-c4ms-cx82-n7bm"},{"vulnerability":"VCID-r9dc-6tk9-qkeh"},{"vulnerability":"VCID-tqvr-tetp-8ugb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el9sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130641?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el8sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3dxq-vw4d-jfhq"},{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-c4ms-cx82-n7bm"},{"vulnerability":"VCID-r9dc-6tk9-qkeh"},{"vulnerability":"VCID-tqvr-tetp-8ugb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el8sso"},{"url":"http://public2.vulnerablecode.io/api/packages/130642?format=json","purl":"pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1?arch=el7sso","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3dxq-vw4d-jfhq"},{"vulnerability":"VCID-5kns-j1rv-9ybf"},{"vulnerability":"VCID-8fr2-v728-cfcc"},{"vulnerability":"VCID-8sqn-nkzx-euec"},{"vulnerability":"VCID-8ze1-r95u-xbg8"},{"vulnerability":"VCID-9evr-uk2w-ayg6"},{"vulnerability":"VCID-ag7u-zdts-2qb1"},{"vulnerability":"VCID-apmf-stq4-8udt"},{"vulnerability":"VCID-c4ms-cx82-n7bm"},{"vulnerability":"VCID-r9dc-6tk9-qkeh"},{"vulnerability":"VCID-tqvr-tetp-8ugb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.3-1.redhat_00001.1%3Farch=el7sso"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42392","reference_id":"","reference_type":"","scores":[{"value":"0.90592","scoring_system":"epss","scoring_elements":"0.99632","published_at":"2026-06-08T12:55:00Z"},{"value":"0.90592","scoring_system":"epss","scoring_elements":"0.99633","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894","reference_id":"1003894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039403","reference_id":"2039403","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1013","reference_id":"RHSA-2022:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4918","reference_id":"RHSA-2022:4918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4919","reference_id":"RHSA-2022:4919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4922","reference_id":"RHSA-2022:4922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6782","reference_id":"RHSA-2022:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6783","reference_id":"RHSA-2022:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6787","reference_id":"RHSA-2022:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7409","reference_id":"RHSA-2022:7409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7410","reference_id":"RHSA-2022:7410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7411","reference_id":"RHSA-2022:7411","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7411"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7417","reference_id":"RHSA-2022:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1747","reference_id":"RHSA-2025:1747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1747"},{"reference_url":"https://usn.ubuntu.com/5365-1/","reference_id":"USN-5365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5365-1/"},{"reference_url":"https://usn.ubuntu.com/6834-1/","reference_id":"USN-6834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6834-1/"}],"weaknesses":[{"cwe_id":502,"name":"Deserialization of Untrusted Data","description":"The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid."}],"exploits":[],"severity_range_score":"9.8 - 9.8","exploitability":"2.0","weighted_severity":"8.8","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kns-j1rv-9ybf"}