Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/102265?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/102265?format=api", "purl": "pkg:rpm/redhat/unbound@1.7.3-15?arch=el8", "type": "rpm", "namespace": "redhat", "name": "unbound", "version": "1.7.3-15", "qualifiers": { "arch": "el8" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81748?format=api", "vulnerability_id": "VCID-2d5q-y4tv-ukgb", "summary": "unbound: out-of-bounds write in sldns_bget_token_par", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72944", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780", "reference_id": "1954780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25035" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2d5q-y4tv-ukgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81753?format=api", "vulnerability_id": "VCID-a58b-qqsv-9fec", "summary": "unbound: infinite loop via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77291", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799", "reference_id": "1954799", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25040" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a58b-qqsv-9fec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81754?format=api", "vulnerability_id": "VCID-dc9g-bdph-9qa3", "summary": "unbound: assertion failure via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7731", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77344", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7735", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801", "reference_id": "1954801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25041" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dc9g-bdph-9qa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81749?format=api", "vulnerability_id": "VCID-dnkp-t2z3-gbcm", "summary": "unbound: assertion failure and denial of service in synth_cname", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77291", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782", "reference_id": "1954782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25036" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnkp-t2z3-gbcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33755?format=api", "vulnerability_id": "VCID-e3w8-8bks-rbg6", "summary": "A vulnerability was discovered in NSD which could allow a local\n attacker to cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20304", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20449", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20233", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22038", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22225", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22178", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22025", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22228", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761", "reference_id": "1878761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977165", "reference_id": "977165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977165" }, { "reference_url": "https://security.archlinux.org/ASA-202012-17", "reference_id": "ASA-202012-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-17" }, { "reference_url": "https://security.archlinux.org/ASA-202012-18", "reference_id": "ASA-202012-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-18" }, { "reference_url": "https://security.archlinux.org/AVG-1326", "reference_id": "AVG-1326", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1326" }, { "reference_url": "https://security.archlinux.org/AVG-1327", "reference_id": "AVG-1327", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1327" }, { "reference_url": "https://security.gentoo.org/glsa/202101-38", "reference_id": "GLSA-202101-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-28935" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3w8-8bks-rbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81745?format=api", "vulnerability_id": "VCID-fwbt-2wnn-p3cw", "summary": "unbound: integer overflow in the regional allocator via regional_alloc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.7298", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73056", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73067", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772", "reference_id": "1954772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25032" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwbt-2wnn-p3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81750?format=api", "vulnerability_id": "VCID-nrbr-ruhk-8khx", "summary": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7735", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7731", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77344", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794", "reference_id": "1954794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25037" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrbr-ruhk-8khx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81755?format=api", "vulnerability_id": "VCID-pb7a-j1ff-dbf7", "summary": "unbound: out-of-bounds write via a compressed name in rdata_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72944", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804", "reference_id": "1954804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25042" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pb7a-j1ff-dbf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81751?format=api", "vulnerability_id": "VCID-qtvr-wfa9-qke6", "summary": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72944", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796", "reference_id": "1954796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25038" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtvr-wfa9-qke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81752?format=api", "vulnerability_id": "VCID-twch-y9hk-ybew", "summary": "unbound: integer overflow in a size calculation in respip/respip.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72944", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797", "reference_id": "1954797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25039" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twch-y9hk-ybew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81747?format=api", "vulnerability_id": "VCID-u811-711b-87c4", "summary": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72944", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778", "reference_id": "1954778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-25034" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u811-711b-87c4" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/unbound@1.7.3-15%3Farch=el8" }