Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-python38-python@3.8.6-1?arch=el7
Typerpm
Namespaceredhat
Namerh-python38-python
Version3.8.6-1
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-efdj-sb7s-p3fk
vulnerability_id VCID-efdj-sb7s-p3fk
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14422
reference_id
reference_type
scores
0
value 0.01172
scoring_system epss
scoring_elements 0.78633
published_at 2026-04-01T12:55:00Z
1
value 0.01172
scoring_system epss
scoring_elements 0.7864
published_at 2026-04-02T12:55:00Z
2
value 0.01172
scoring_system epss
scoring_elements 0.78671
published_at 2026-04-04T12:55:00Z
3
value 0.01172
scoring_system epss
scoring_elements 0.78651
published_at 2026-04-07T12:55:00Z
4
value 0.01172
scoring_system epss
scoring_elements 0.78677
published_at 2026-04-08T12:55:00Z
5
value 0.01172
scoring_system epss
scoring_elements 0.78683
published_at 2026-04-09T12:55:00Z
6
value 0.01172
scoring_system epss
scoring_elements 0.78708
published_at 2026-04-11T12:55:00Z
7
value 0.01172
scoring_system epss
scoring_elements 0.7869
published_at 2026-04-12T12:55:00Z
8
value 0.01172
scoring_system epss
scoring_elements 0.78682
published_at 2026-04-13T12:55:00Z
9
value 0.01172
scoring_system epss
scoring_elements 0.78711
published_at 2026-04-16T12:55:00Z
10
value 0.01172
scoring_system epss
scoring_elements 0.78709
published_at 2026-04-18T12:55:00Z
11
value 0.01172
scoring_system epss
scoring_elements 0.78705
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14422
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1854926
reference_id 1854926
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1854926
5
reference_url https://security.gentoo.org/glsa/202008-01
reference_id GLSA-202008-01
reference_type
scores
url https://security.gentoo.org/glsa/202008-01
6
reference_url https://access.redhat.com/errata/RHSA-2020:4285
reference_id RHSA-2020:4285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4285
7
reference_url https://access.redhat.com/errata/RHSA-2020:4299
reference_id RHSA-2020:4299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4299
8
reference_url https://access.redhat.com/errata/RHSA-2020:4433
reference_id RHSA-2020:4433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4433
9
reference_url https://access.redhat.com/errata/RHSA-2020:4641
reference_id RHSA-2020:4641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4641
10
reference_url https://access.redhat.com/errata/RHSA-2020:5010
reference_id RHSA-2020:5010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5010
11
reference_url https://usn.ubuntu.com/4428-1/
reference_id USN-4428-1
reference_type
scores
url https://usn.ubuntu.com/4428-1/
12
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2020-14422
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efdj-sb7s-p3fk
1
url VCID-gvgx-eq9r-d3d2
vulnerability_id VCID-gvgx-eq9r-d3d2
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26116.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26116
reference_id
reference_type
scores
0
value 0.00903
scoring_system epss
scoring_elements 0.75643
published_at 2026-04-01T12:55:00Z
1
value 0.00903
scoring_system epss
scoring_elements 0.75645
published_at 2026-04-02T12:55:00Z
2
value 0.00903
scoring_system epss
scoring_elements 0.75676
published_at 2026-04-04T12:55:00Z
3
value 0.00903
scoring_system epss
scoring_elements 0.75655
published_at 2026-04-07T12:55:00Z
4
value 0.00903
scoring_system epss
scoring_elements 0.7569
published_at 2026-04-08T12:55:00Z
5
value 0.00903
scoring_system epss
scoring_elements 0.757
published_at 2026-04-09T12:55:00Z
6
value 0.00903
scoring_system epss
scoring_elements 0.75725
published_at 2026-04-11T12:55:00Z
7
value 0.00903
scoring_system epss
scoring_elements 0.75706
published_at 2026-04-12T12:55:00Z
8
value 0.00903
scoring_system epss
scoring_elements 0.75699
published_at 2026-04-13T12:55:00Z
9
value 0.01017
scoring_system epss
scoring_elements 0.77213
published_at 2026-04-21T12:55:00Z
10
value 0.01017
scoring_system epss
scoring_elements 0.7722
published_at 2026-04-16T12:55:00Z
11
value 0.01017
scoring_system epss
scoring_elements 0.77222
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26116
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26116
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1883014
reference_id 1883014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1883014
5
reference_url https://security.gentoo.org/glsa/202101-18
reference_id GLSA-202101-18
reference_type
scores
url https://security.gentoo.org/glsa/202101-18
6
reference_url https://access.redhat.com/errata/RHSA-2020:4273
reference_id RHSA-2020:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4273
7
reference_url https://access.redhat.com/errata/RHSA-2020:4285
reference_id RHSA-2020:4285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4285
8
reference_url https://access.redhat.com/errata/RHSA-2020:4299
reference_id RHSA-2020:4299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4299
9
reference_url https://access.redhat.com/errata/RHSA-2021:1633
reference_id RHSA-2021:1633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1633
10
reference_url https://access.redhat.com/errata/RHSA-2021:1761
reference_id RHSA-2021:1761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1761
11
reference_url https://access.redhat.com/errata/RHSA-2021:1879
reference_id RHSA-2021:1879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1879
12
reference_url https://access.redhat.com/errata/RHSA-2021:3366
reference_id RHSA-2021:3366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3366
13
reference_url https://access.redhat.com/errata/RHSA-2022:5235
reference_id RHSA-2022:5235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5235
14
reference_url https://usn.ubuntu.com/4581-1/
reference_id USN-4581-1
reference_type
scores
url https://usn.ubuntu.com/4581-1/
15
reference_url https://usn.ubuntu.com/4754-3/
reference_id USN-4754-3
reference_type
scores
url https://usn.ubuntu.com/4754-3/
16
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2020-26116
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gvgx-eq9r-d3d2
2
url VCID-gxkt-bvtg-gbaj
vulnerability_id VCID-gxkt-bvtg-gbaj
summary urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26137.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26137.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26137
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.5118
published_at 2026-04-21T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.51202
published_at 2026-04-18T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51061
published_at 2026-04-01T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51195
published_at 2026-04-16T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.51156
published_at 2026-04-13T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51171
published_at 2026-04-12T12:55:00Z
6
value 0.00277
scoring_system epss
scoring_elements 0.51193
published_at 2026-04-11T12:55:00Z
7
value 0.00277
scoring_system epss
scoring_elements 0.51149
published_at 2026-04-09T12:55:00Z
8
value 0.00277
scoring_system epss
scoring_elements 0.51152
published_at 2026-04-08T12:55:00Z
9
value 0.00277
scoring_system epss
scoring_elements 0.51097
published_at 2026-04-07T12:55:00Z
10
value 0.00277
scoring_system epss
scoring_elements 0.51139
published_at 2026-04-04T12:55:00Z
11
value 0.00277
scoring_system epss
scoring_elements 0.51115
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26137
2
reference_url https://bugs.python.org/issue39603
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.python.org/issue39603
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26137
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26137
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-wqvq-5m8c-6g24
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wqvq-5m8c-6g24
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2020-148.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2020-148.yaml
7
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
8
reference_url https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b
9
reference_url https://github.com/urllib3/urllib3/pull/1800
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/pull/1800
10
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
11
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26137
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26137
13
reference_url https://usn.ubuntu.com/4570-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4570-1
14
reference_url https://usn.ubuntu.com/4570-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4570-1/
15
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
16
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1883632
reference_id 1883632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1883632
18
reference_url https://access.redhat.com/errata/RHSA-2020:4299
reference_id RHSA-2020:4299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4299
19
reference_url https://access.redhat.com/errata/RHSA-2021:0034
reference_id RHSA-2021:0034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0034
20
reference_url https://access.redhat.com/errata/RHSA-2021:0079
reference_id RHSA-2021:0079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0079
21
reference_url https://access.redhat.com/errata/RHSA-2021:1631
reference_id RHSA-2021:1631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1631
22
reference_url https://access.redhat.com/errata/RHSA-2021:1761
reference_id RHSA-2021:1761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1761
23
reference_url https://access.redhat.com/errata/RHSA-2022:5235
reference_id RHSA-2022:5235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5235
fixed_packages
aliases CVE-2020-26137, GHSA-wqvq-5m8c-6g24, PYSEC-2020-148
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxkt-bvtg-gbaj
3
url VCID-tyk4-kazt-kydj
vulnerability_id VCID-tyk4-kazt-kydj
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20907
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55257
published_at 2026-04-01T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55355
published_at 2026-04-02T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.5538
published_at 2026-04-04T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.55358
published_at 2026-04-07T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55408
published_at 2026-04-09T12:55:00Z
5
value 0.00323
scoring_system epss
scoring_elements 0.55419
published_at 2026-04-11T12:55:00Z
6
value 0.00323
scoring_system epss
scoring_elements 0.55397
published_at 2026-04-21T12:55:00Z
7
value 0.00323
scoring_system epss
scoring_elements 0.55379
published_at 2026-04-13T12:55:00Z
8
value 0.00323
scoring_system epss
scoring_elements 0.55414
published_at 2026-04-16T12:55:00Z
9
value 0.00323
scoring_system epss
scoring_elements 0.55418
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20907
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1856481
reference_id 1856481
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1856481
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099
reference_id 970099
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099
6
reference_url https://security.gentoo.org/glsa/202008-01
reference_id GLSA-202008-01
reference_type
scores
url https://security.gentoo.org/glsa/202008-01
7
reference_url https://access.redhat.com/errata/RHSA-2020:4273
reference_id RHSA-2020:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4273
8
reference_url https://access.redhat.com/errata/RHSA-2020:4285
reference_id RHSA-2020:4285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4285
9
reference_url https://access.redhat.com/errata/RHSA-2020:4299
reference_id RHSA-2020:4299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4299
10
reference_url https://access.redhat.com/errata/RHSA-2020:4433
reference_id RHSA-2020:4433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4433
11
reference_url https://access.redhat.com/errata/RHSA-2020:4641
reference_id RHSA-2020:4641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4641
12
reference_url https://access.redhat.com/errata/RHSA-2020:4654
reference_id RHSA-2020:4654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4654
13
reference_url https://access.redhat.com/errata/RHSA-2020:5009
reference_id RHSA-2020:5009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5009
14
reference_url https://access.redhat.com/errata/RHSA-2020:5010
reference_id RHSA-2020:5010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5010
15
reference_url https://access.redhat.com/errata/RHSA-2021:0528
reference_id RHSA-2021:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0528
16
reference_url https://access.redhat.com/errata/RHSA-2021:0761
reference_id RHSA-2021:0761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0761
17
reference_url https://access.redhat.com/errata/RHSA-2021:0881
reference_id RHSA-2021:0881
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0881
18
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
19
reference_url https://usn.ubuntu.com/4428-1/
reference_id USN-4428-1
reference_type
scores
url https://usn.ubuntu.com/4428-1/
20
reference_url https://usn.ubuntu.com/4754-3/
reference_id USN-4754-3
reference_type
scores
url https://usn.ubuntu.com/4754-3/
21
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2019-20907
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk4-kazt-kydj
4
url VCID-v7cw-w79c-zfbh
vulnerability_id VCID-v7cw-w79c-zfbh
summary psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18874.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18874.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18874
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.33073
published_at 2026-04-21T12:55:00Z
1
value 0.00134
scoring_system epss
scoring_elements 0.33112
published_at 2026-04-18T12:55:00Z
2
value 0.00134
scoring_system epss
scoring_elements 0.33135
published_at 2026-04-16T12:55:00Z
3
value 0.00134
scoring_system epss
scoring_elements 0.33094
published_at 2026-04-13T12:55:00Z
4
value 0.00134
scoring_system epss
scoring_elements 0.33117
published_at 2026-04-12T12:55:00Z
5
value 0.00134
scoring_system epss
scoring_elements 0.33156
published_at 2026-04-11T12:55:00Z
6
value 0.00134
scoring_system epss
scoring_elements 0.33154
published_at 2026-04-09T12:55:00Z
7
value 0.00134
scoring_system epss
scoring_elements 0.33121
published_at 2026-04-08T12:55:00Z
8
value 0.00134
scoring_system epss
scoring_elements 0.33245
published_at 2026-04-04T12:55:00Z
9
value 0.00134
scoring_system epss
scoring_elements 0.33213
published_at 2026-04-02T12:55:00Z
10
value 0.00134
scoring_system epss
scoring_elements 0.33077
published_at 2026-04-07T12:55:00Z
11
value 0.00134
scoring_system epss
scoring_elements 0.33082
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18874
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18874
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18874
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-qfc5-mcwq-26q8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-qfc5-mcwq-26q8
5
reference_url https://github.com/giampaolo/psutil
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/giampaolo/psutil
6
reference_url https://github.com/giampaolo/psutil/blob/master/HISTORY.rst#566
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/giampaolo/psutil/blob/master/HISTORY.rst#566
7
reference_url https://github.com/giampaolo/psutil/commit/7d512c8e4442a896d56505be3e78f1156f443465
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/giampaolo/psutil/commit/7d512c8e4442a896d56505be3e78f1156f443465
8
reference_url https://github.com/giampaolo/psutil/pull/1616
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/giampaolo/psutil/pull/1616
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/psutil/PYSEC-2019-41.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/psutil/PYSEC-2019-41.yaml
10
reference_url https://lists.debian.org/debian-lts-announce/2019/11/msg00018.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/11/msg00018.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7QI7MOTZTFXQYU23CP3RAWXCERMOAS/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLETTJYZL2SMBUI4Q2NGBMGPDPP54SRG/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18874
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18874
18
reference_url https://usn.ubuntu.com/4204-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4204-1
19
reference_url https://usn.ubuntu.com/4204-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4204-1/
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1772014
reference_id 1772014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1772014
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944605
reference_id 944605
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944605
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:psutil_project:psutil:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:psutil_project:psutil:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:psutil_project:psutil:*:*:*:*:*:*:*:*
23
reference_url https://access.redhat.com/errata/RHSA-2020:2583
reference_id RHSA-2020:2583
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2583
24
reference_url https://access.redhat.com/errata/RHSA-2020:2593
reference_id RHSA-2020:2593
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2593
25
reference_url https://access.redhat.com/errata/RHSA-2020:2635
reference_id RHSA-2020:2635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2635
26
reference_url https://access.redhat.com/errata/RHSA-2020:4254
reference_id RHSA-2020:4254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4254
27
reference_url https://access.redhat.com/errata/RHSA-2020:4255
reference_id RHSA-2020:4255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4255
28
reference_url https://access.redhat.com/errata/RHSA-2020:4299
reference_id RHSA-2020:4299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4299
29
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
30
reference_url https://access.redhat.com/errata/RHSA-2021:1313
reference_id RHSA-2021:1313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1313
31
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
32
reference_url https://access.redhat.com/errata/RHSA-2021:4324
reference_id RHSA-2021:4324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4324
fixed_packages
aliases CVE-2019-18874, GHSA-qfc5-mcwq-26q8, PYSEC-2019-41
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7cw-w79c-zfbh
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python@3.8.6-1%3Farch=el7