{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98705?format=json","vulnerability_id":"VCID-cyk5-5eaa-nubh","summary":"A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.","aliases":[{"alias":"CVE-2022-3509"},{"alias":"GHSA-g5ww-5jh7-63cx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124238?format=json","purl":"pkg:deb/debian/protobuf@3.21.9-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.21.9-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124237?format=json","purl":"pkg:deb/debian/protobuf@3.21.12-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-q9yb-5dsu-uuft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.21.12-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/509814?format=json","purl":"pkg:deb/debian/protobuf@3.21.12-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-q9yb-5dsu-uuft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.21.12-3"},{"url":"http://public2.vulnerablecode.io/api/packages/124241?format=json","purl":"pkg:deb/debian/protobuf@3.21.12-11?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-q9yb-5dsu-uuft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.21.12-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124240?format=json","purl":"pkg:deb/debian/protobuf@3.21.12-15?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.21.12-15%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/191963?format=json","purl":"pkg:ebuild/dev-java/protobuf-java@3.20.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/protobuf-java@3.20.3"},{"url":"http://public2.vulnerablecode.io/api/packages/144492?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.16.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.3"},{"url":"http://public2.vulnerablecode.io/api/packages/144491?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.6"},{"url":"http://public2.vulnerablecode.io/api/packages/144490?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.20.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.3"},{"url":"http://public2.vulnerablecode.io/api/packages/144485?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.7"},{"url":"http://public2.vulnerablecode.io/api/packages/144501?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.16.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.16.3"},{"url":"http://public2.vulnerablecode.io/api/packages/144499?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.20.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.20.3"},{"url":"http://public2.vulnerablecode.io/api/packages/144488?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.21.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-evzn-t2as-qfbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.21.7"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124239?format=json","purl":"pkg:deb/debian/protobuf@3.12.4-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-q9yb-5dsu-uuft"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.12.4-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/509813?format=json","purl":"pkg:deb/debian/protobuf@3.12.4-1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-q9yb-5dsu-uuft"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/protobuf@3.12.4-1%252Bdeb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/185965?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185966?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/185967?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185968?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.2.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.2.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/185969?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.2.0-rc.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.2.0-rc.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185970?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185971?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185972?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185973?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185974?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185975?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185976?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185977?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185978?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.7.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.7.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/185979?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185980?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185981?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.8.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.8.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/185982?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185983?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.9.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.9.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/185984?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185985?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185986?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/185987?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.10.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.10.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/185988?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185989?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/185990?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/185991?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185992?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185993?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.3"},{"url":"http://public2.vulnerablecode.io/api/packages/185994?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.11.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.11.4"},{"url":"http://public2.vulnerablecode.io/api/packages/185995?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/185996?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/185997?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/185998?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/185999?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/186000?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.12.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.12.4"},{"url":"http://public2.vulnerablecode.io/api/packages/186001?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.13.0-rc-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.13.0-rc-3"},{"url":"http://public2.vulnerablecode.io/api/packages/186002?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/186003?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/186004?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/186005?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.14.0-rc-3"},{"url":"http://public2.vulnerablecode.io/api/packages/186006?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/186007?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/186008?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-f9f2-212v-c7a6"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/60301?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/550792?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.1"},{"url":"http://public2.vulnerablecode.io/api/packages/550793?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.2"},{"url":"http://public2.vulnerablecode.io/api/packages/550794?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.3"},{"url":"http://public2.vulnerablecode.io/api/packages/550795?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.4"},{"url":"http://public2.vulnerablecode.io/api/packages/550796?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.5"},{"url":"http://public2.vulnerablecode.io/api/packages/550797?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.6"},{"url":"http://public2.vulnerablecode.io/api/packages/550798?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.7"},{"url":"http://public2.vulnerablecode.io/api/packages/550799?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.15.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.15.8"},{"url":"http://public2.vulnerablecode.io/api/packages/550800?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.16.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/550801?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.16.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/550802?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/60112?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.16.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.16.1"},{"url":"http://public2.vulnerablecode.io/api/packages/504530?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/614714?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.17.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.17.1"},{"url":"http://public2.vulnerablecode.io/api/packages/614715?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.17.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.17.2"},{"url":"http://public2.vulnerablecode.io/api/packages/614716?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.17.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.17.3"},{"url":"http://public2.vulnerablecode.io/api/packages/614717?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/614718?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/60110?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.0"},{"url":"http://public2.vulnerablecode.io/api/packages/550803?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.1"},{"url":"http://public2.vulnerablecode.io/api/packages/60113?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.2"},{"url":"http://public2.vulnerablecode.io/api/packages/614719?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.18.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.18.3"},{"url":"http://public2.vulnerablecode.io/api/packages/614720?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.0-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.0-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/614721?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.0-rc-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.0-rc-2"},{"url":"http://public2.vulnerablecode.io/api/packages/60111?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.0"},{"url":"http://public2.vulnerablecode.io/api/packages/550804?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"},{"vulnerability":"VCID-z8kw-qr2z-4qe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.1"},{"url":"http://public2.vulnerablecode.io/api/packages/60114?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.2"},{"url":"http://public2.vulnerablecode.io/api/packages/614722?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.3"},{"url":"http://public2.vulnerablecode.io/api/packages/614723?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.4"},{"url":"http://public2.vulnerablecode.io/api/packages/614724?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.19.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.19.5"},{"url":"http://public2.vulnerablecode.io/api/packages/504531?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.20.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.0"},{"url":"http://public2.vulnerablecode.io/api/packages/614725?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.20.1-rc-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.1-rc-1"},{"url":"http://public2.vulnerablecode.io/api/packages/614726?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.20.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.1"},{"url":"http://public2.vulnerablecode.io/api/packages/614727?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.20.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.20.2"},{"url":"http://public2.vulnerablecode.io/api/packages/504532?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.0"},{"url":"http://public2.vulnerablecode.io/api/packages/614728?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.1"},{"url":"http://public2.vulnerablecode.io/api/packages/614729?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.2"},{"url":"http://public2.vulnerablecode.io/api/packages/614730?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.3"},{"url":"http://public2.vulnerablecode.io/api/packages/614731?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.4"},{"url":"http://public2.vulnerablecode.io/api/packages/614732?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.5"},{"url":"http://public2.vulnerablecode.io/api/packages/614733?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-java@3.21.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-java@3.21.6"},{"url":"http://public2.vulnerablecode.io/api/packages/504843?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-sar2-p37e-b3df"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/504845?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.20.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.20.0"},{"url":"http://public2.vulnerablecode.io/api/packages/504846?format=json","purl":"pkg:maven/com.google.protobuf/protobuf-javalite@3.21.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cyk5-5eaa-nubh"},{"vulnerability":"VCID-evzn-t2as-qfbn"},{"vulnerability":"VCID-sar2-p37e-b3df"},{"vulnerability":"VCID-w8kg-x567-r7bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.google.protobuf/protobuf-javalite@3.21.0"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3509.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3509.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3509","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31227","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31237","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31304","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31236","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31204","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3509"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/protocolbuffers/protobuf/blob/v2.6.1/java/core/src/main/java/com/google/protobuf/MessageReflection.java","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/protocolbuffers/protobuf/blob/v2.6.1/java/core/src/main/java/com/google/protobuf/MessageReflection.java"},{"reference_url":"https://github.com/protocolbuffers/protobuf/blob/v3.0.0/java/core/src/main/java/com/google/protobuf/MessageReflection.java","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/protocolbuffers/protobuf/blob/v3.0.0/java/core/src/main/java/com/google/protobuf/MessageReflection.java"},{"reference_url":"https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:09:47Z/"}],"url":"https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9"},{"reference_url":"https://github.com/protocolbuffers/protobuf/tree/main/java","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/protocolbuffers/protobuf/tree/main/java"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3509","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3509"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184161","reference_id":"2184161","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184161"},{"reference_url":"https://github.com/advisories/GHSA-g5ww-5jh7-63cx","reference_id":"GHSA-g5ww-5jh7-63cx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g5ww-5jh7-63cx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1855","reference_id":"RHSA-2023:1855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3815","reference_id":"RHSA-2023:3815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4983","reference_id":"RHSA-2023:4983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4983"}],"weaknesses":[{"cwe_id":915,"name":"Improperly Controlled Modification of Dynamically-Determined Object Attributes","description":"The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified."},{"cwe_id":400,"name":"Uncontrolled Resource Consumption","description":"The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"5.3 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyk5-5eaa-nubh"}