Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035235?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035235?format=api", "purl": "pkg:deb/debian/unbound@1.4.6-1%2Bsqueeze3", "type": "deb", "namespace": "debian", "name": "unbound", "version": "1.4.6-1+squeeze3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.17.1-2+deb12u4", "latest_non_vulnerable_version": "1.17.1-2+deb12u4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81748?format=api", "vulnerability_id": "VCID-2d5q-y4tv-ukgb", "summary": "unbound: out-of-bounds write in sldns_bget_token_par", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780", "reference_id": "1954780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25035" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2d5q-y4tv-ukgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82021?format=api", "vulnerability_id": "VCID-3e4q-7bsf-fyh2", "summary": "unbound: uninitialized memory accesses leads to crash via a crafted NOTIFY query", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79266", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79341", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79325", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79296", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79307", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16866" }, { "reference_url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.4/doc/Changelog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.4/doc/Changelog" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E65NCWZZB2D75ZIYWPXKMVGSGNYW4JMC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E65NCWZZB2D75ZIYWPXKMVGSGNYW4JMC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLRHE7TQFAOV4MB2ELTOGESZYUL65NUJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLRHE7TQFAOV4MB2ELTOGESZYUL65NUJ/" }, { "reference_url": "https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Oct/23" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767955", "reference_id": "1767955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767955" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941692", "reference_id": "941692", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941692" }, { "reference_url": "https://security.archlinux.org/ASA-201910-6", "reference_id": "ASA-201910-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-6" }, { "reference_url": "https://security.archlinux.org/AVG-1042", "reference_id": "AVG-1042", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1042" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16866", "reference_id": "CVE-2019-16866", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16866" }, { "reference_url": "https://usn.ubuntu.com/4149-1/", "reference_id": "USN-4149-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4149-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038109?format=api", "purl": "pkg:deb/debian/unbound@1.9.0-2%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.0-2%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-16866" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3e4q-7bsf-fyh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73716?format=api", "vulnerability_id": "VCID-4etu-cddt-sbfm", "summary": "unbound: Unbounded name compression could lead to Denial of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.4554", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.4555", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45551", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8508" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083282", "reference_id": "1083282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316321", "reference_id": "2316321", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316321" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt", "reference_id": "CVE-2024-8508.txt", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:11:45Z/" } ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11170", "reference_id": "RHSA-2024:11170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11232", "reference_id": "RHSA-2024:11232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0140", "reference_id": "RHSA-2025:0140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0837", "reference_id": "RHSA-2025:0837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1120", "reference_id": "RHSA-2025:1120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8047", "reference_id": "RHSA-2025:8047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8197", "reference_id": "RHSA-2025:8197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8197" }, { "reference_url": "https://usn.ubuntu.com/7080-1/", "reference_id": "USN-7080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7080-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-8508" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4etu-cddt-sbfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68620?format=api", "vulnerability_id": "VCID-4sax-ynvh-abed", "summary": "unbound: Unbound Cache poisoning", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21974", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21934", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5994" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109427", "reference_id": "1109427", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109427" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949", "reference_id": "2380949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949" }, { "reference_url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt", "reference_id": "CVE-2025-5994.txt", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/R:U/V:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:42:14Z/" } ], "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11849", "reference_id": "RHSA-2025:11849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11884", "reference_id": "RHSA-2025:11884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12064", "reference_id": "RHSA-2025:12064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12416", "reference_id": "RHSA-2025:12416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12520", "reference_id": "RHSA-2025:12520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12523", "reference_id": "RHSA-2025:12523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12929", "reference_id": "RHSA-2025:12929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13575", "reference_id": "RHSA-2025:13575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13576", "reference_id": "RHSA-2025:13576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13577", "reference_id": "RHSA-2025:13577", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13577" }, { "reference_url": "https://usn.ubuntu.com/7666-1/", "reference_id": "USN-7666-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7666-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-5994" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sax-ynvh-abed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=api", "vulnerability_id": "VCID-66sa-bc5p-jqde", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97914", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97922", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750", "reference_id": "1077750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914", "reference_id": "2263914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50387", "reference_id": "cve-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50387" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50387" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387" }, { "reference_url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/", "reference_id": "dnssec_vulnerability_internet", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://news.ycombinator.com/item?id=39367411", "reference_id": "item?id=39367411", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39367411" }, { "reference_url": "https://news.ycombinator.com/item?id=39372384", "reference_id": "item?id=39372384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39372384" }, { "reference_url": "https://www.athene-center.de/aktuelles/key-trap", "reference_id": "key-trap", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/aktuelles/key-trap" }, { "reference_url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/", "reference_id": "keytrap-dns-attack-could-disable-large-parts-of-internet-researchers", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0007/", "reference_id": "ntap-20240307-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823", "reference_id": "show_bug.cgi?id=1219823", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf", "reference_id": "Technical_Report_KeyTrap.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2023-50387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48879?format=api", "vulnerability_id": "VCID-6t3w-1ksa-a7eq", "summary": "Multiple Denial of Service vulnerabilities have been found in\n Unbound.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86314", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86324", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86343", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86344", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86395", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4528" }, { "reference_url": "https://security.gentoo.org/glsa/201311-18", "reference_id": "GLSA-201311-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035237?format=api", "purl": "pkg:deb/debian/unbound@1.4.17-3%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-ta1t-nmud-eudt" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ynr4-2ksj-hqf1" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.17-3%252Bdeb7u2" } ], "aliases": [ "CVE-2011-4528" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6t3w-1ksa-a7eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31263?format=api", "vulnerability_id": "VCID-6wjx-c9v1-nqf9", "summary": "Multiple vulnerabilities have been discovered in Unbound, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2924", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29104", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29209", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29142", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016493", "reference_id": "1016493", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016493" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116725", "reference_id": "2116725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116725" }, { "reference_url": "https://security.gentoo.org/glsa/202212-02", "reference_id": "GLSA-202212-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7622", "reference_id": "RHSA-2022:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8062", "reference_id": "RHSA-2022:8062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2045", "reference_id": "RHSA-2024:2045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2045" }, { "reference_url": "https://usn.ubuntu.com/5569-1/", "reference_id": "USN-5569-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5569-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-30698" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wjx-c9v1-nqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81753?format=api", "vulnerability_id": "VCID-a58b-qqsv-9fec", "summary": "unbound: infinite loop via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799", "reference_id": "1954799", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25040" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a58b-qqsv-9fec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81746?format=api", "vulnerability_id": "VCID-am4a-hwtd-uybh", "summary": "unbound: integer overflow in the regional allocator via the ALIGN_UP macro", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25033.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55505", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55486", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55467", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55497", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25033" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954775", "reference_id": "1954775", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954775" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7622", "reference_id": "RHSA-2022:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0749", "reference_id": "RHSA-2024:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0749" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25033" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-am4a-hwtd-uybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31264?format=api", "vulnerability_id": "VCID-awc5-73ya-6faa", "summary": "Multiple vulnerabilities have been discovered in Unbound, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2924", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29104", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29209", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29142", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016493", "reference_id": "1016493", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016493" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116729", "reference_id": "2116729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116729" }, { "reference_url": "https://security.gentoo.org/glsa/202212-02", "reference_id": "GLSA-202212-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7622", "reference_id": "RHSA-2022:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8062", "reference_id": "RHSA-2022:8062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2045", "reference_id": "RHSA-2024:2045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2045" }, { "reference_url": "https://usn.ubuntu.com/5569-1/", "reference_id": "USN-5569-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5569-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-30699" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awc5-73ya-6faa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74433?format=api", "vulnerability_id": "VCID-b7b8-guvx-3bhy", "summary": "unbound: Heap-Buffer-Overflow in Unbound", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25946", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25915", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25983", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26045", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25941", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26109", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43168" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/issues/1039", "reference_id": "1039", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://github.com/NLnetLabs/unbound/issues/1039" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303462", "reference_id": "2303462", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303462" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2", "reference_id": "cpe:/a:redhat:openstack:16.2", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1", "reference_id": "cpe:/a:redhat:openstack:17.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0", "reference_id": "cpe:/a:redhat:openstack:18.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-43168", "reference_id": "CVE-2024-43168", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-43168" }, { "reference_url": "https://github.com/NLnetLabs/unbound/pull/1040/files", "reference_id": "files", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://github.com/NLnetLabs/unbound/pull/1040/files" }, { "reference_url": "https://usn.ubuntu.com/6998-1/", "reference_id": "USN-6998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6998-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-43168" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7b8-guvx-3bhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76421?format=api", "vulnerability_id": "VCID-cjha-wacb-mqds", "summary": "unbound: DNSBomb vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33655.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88324", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88263", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88308", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88311", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33655" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.isc.org/blogs/2024-dnsbomb/", "reference_id": "2024-dnsbomb", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://www.isc.org/blogs/2024-dnsbomb/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279942", "reference_id": "2279942", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279942" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3/", "reference_id": "3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3/" }, { "reference_url": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398", "reference_id": "4398", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398" }, { "reference_url": "https://sp2024.ieee-security.org/accepted-papers.html", "reference_id": "accepted-papers.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://sp2024.ieee-security.org/accepted-papers.html" }, { "reference_url": "https://alas.aws.amazon.com/ALAS-2024-1934.html", "reference_id": "ALAS-2024-1934.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://alas.aws.amazon.com/ALAS-2024-1934.html" }, { "reference_url": "https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de", "reference_id": "c3206f4568f60c486be6d165b1f2b5b254fea3de", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de" }, { "reference_url": "https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-120", "reference_id": "CHANGELOG.md#version-120", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-120" }, { "reference_url": "https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt", "reference_id": "CVE-2024-33655.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QITY2QBX2OCBTZIXD2A5ES62STFIA4AL/", "reference_id": "QITY2QBX2OCBTZIXD2A5ES62STFIA4AL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QITY2QBX2OCBTZIXD2A5ES62STFIA4AL/" }, { "reference_url": "https://meterpreter.org/researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features/", "reference_id": "researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://meterpreter.org/researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features/" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc1035", "reference_id": "rfc1035", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc1035" }, { "reference_url": "https://nlnetlabs.nl/projects/unbound/security-advisories/", "reference_id": "security-advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://nlnetlabs.nl/projects/unbound/security-advisories/" }, { "reference_url": "https://usn.ubuntu.com/6791-1/", "reference_id": "USN-6791-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6791-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-33655" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjha-wacb-mqds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81754?format=api", "vulnerability_id": "VCID-dc9g-bdph-9qa3", "summary": "unbound: assertion failure via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801", "reference_id": "1954801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25041" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dc9g-bdph-9qa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81749?format=api", "vulnerability_id": "VCID-dnkp-t2z3-gbcm", "summary": "unbound: assertion failure and denial of service in synth_cname", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782", "reference_id": "1954782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25036" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnkp-t2z3-gbcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81253?format=api", "vulnerability_id": "VCID-e25c-xfn1-1bhn", "summary": "unbound: infinite loop via malformed DNS answers received from upstream servers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12663.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92621", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92669", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.9265", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92655", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92628", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92634", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09083", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12663" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837604", "reference_id": "1837604", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837604" }, { "reference_url": "https://security.archlinux.org/ASA-202005-14", "reference_id": "ASA-202005-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-14" }, { "reference_url": "https://security.archlinux.org/AVG-1164", "reference_id": "AVG-1164", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2414", "reference_id": "RHSA-2020:2414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2416", "reference_id": "RHSA-2020:2416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2418", "reference_id": "RHSA-2020:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2419", "reference_id": "RHSA-2020:2419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2640", "reference_id": "RHSA-2020:2640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4181", "reference_id": "RHSA-2020:4181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4181" }, { "reference_url": "https://usn.ubuntu.com/4374-1/", "reference_id": "USN-4374-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4374-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038109?format=api", "purl": "pkg:deb/debian/unbound@1.9.0-2%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.0-2%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2020-12663" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e25c-xfn1-1bhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33755?format=api", "vulnerability_id": "VCID-e3w8-8bks-rbg6", "summary": "A vulnerability was discovered in NSD which could allow a local\n attacker to cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20304", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20233", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20449", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22228", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2223", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761", "reference_id": "1878761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977165", "reference_id": "977165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977165" }, { "reference_url": "https://security.archlinux.org/ASA-202012-17", "reference_id": "ASA-202012-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-17" }, { "reference_url": "https://security.archlinux.org/ASA-202012-18", "reference_id": "ASA-202012-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-18" }, { "reference_url": "https://security.archlinux.org/AVG-1326", "reference_id": "AVG-1326", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1326" }, { "reference_url": "https://security.archlinux.org/AVG-1327", "reference_id": "AVG-1327", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1327" }, { "reference_url": "https://security.gentoo.org/glsa/202101-38", "reference_id": "GLSA-202101-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2020-28935" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3w8-8bks-rbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81756?format=api", "vulnerability_id": "VCID-f23u-dymp-63c9", "summary": "unbound: configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25031.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74183", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74216", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74221", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74236", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74238", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74269", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25031" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954809", "reference_id": "1954809", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954809" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25031" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f23u-dymp-63c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81745?format=api", "vulnerability_id": "VCID-fwbt-2wnn-p3cw", "summary": "unbound: integer overflow in the regional allocator via regional_alloc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.7298", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73014", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772", "reference_id": "1954772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25032" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwbt-2wnn-p3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58865?format=api", "vulnerability_id": "VCID-gbja-rskm-j3bb", "summary": "Multiple Denial of Service vulnerabilities were found in Unbound.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html" }, { "reference_url": "http://osvdb.org/72750", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/72750" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79072", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.78997", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.7903", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79038", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79045", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01218", "scoring_system": "epss", "scoring_elements": "0.79044", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1922" }, { "reference_url": "http://secunia.com/advisories/44865", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44865" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67645" }, { "reference_url": "http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt" }, { "reference_url": "http://www.kb.cert.org/vuls/id/531342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/531342" }, { "reference_url": "http://www.securityfocus.com/bid/47986", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47986" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:1.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:1.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1922", "reference_id": "CVE-2011-1922", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1922" }, { "reference_url": "https://security.gentoo.org/glsa/201110-12", "reference_id": "GLSA-201110-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035237?format=api", "purl": "pkg:deb/debian/unbound@1.4.17-3%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-ta1t-nmud-eudt" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ynr4-2ksj-hqf1" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.17-3%252Bdeb7u2" } ], "aliases": [ "CVE-2011-1922" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbja-rskm-j3bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81252?format=api", "vulnerability_id": "VCID-kzmv-f7dr-uqcm", "summary": "unbound: amplification of an incoming query into a large number of queries directed to a target", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.9463", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94668", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94669", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94646", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94656", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94665", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12663" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837597", "reference_id": "1837597", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837597" }, { "reference_url": "https://security.archlinux.org/ASA-202005-14", "reference_id": "ASA-202005-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-14" }, { "reference_url": "https://security.archlinux.org/AVG-1164", "reference_id": "AVG-1164", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2414", "reference_id": "RHSA-2020:2414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2416", "reference_id": "RHSA-2020:2416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2418", "reference_id": "RHSA-2020:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2419", "reference_id": "RHSA-2020:2419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2640", "reference_id": "RHSA-2020:2640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4181", "reference_id": "RHSA-2020:4181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4181" }, { "reference_url": "https://usn.ubuntu.com/4374-1/", "reference_id": "USN-4374-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4374-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038109?format=api", "purl": "pkg:deb/debian/unbound@1.9.0-2%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.0-2%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2020-12662" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzmv-f7dr-uqcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48881?format=api", "vulnerability_id": "VCID-mf5b-6b5g-yybj", "summary": "Multiple Denial of Service vulnerabilities have been found in\n Unbound.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83929", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83961", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83984", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83991", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.84007", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.84001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.83997", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02083", "scoring_system": "epss", "scoring_elements": "0.84021", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4869" }, { "reference_url": "https://security.gentoo.org/glsa/201311-18", "reference_id": "GLSA-201311-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035237?format=api", "purl": "pkg:deb/debian/unbound@1.4.17-3%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-ta1t-nmud-eudt" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ynr4-2ksj-hqf1" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.17-3%252Bdeb7u2" } ], "aliases": [ "CVE-2011-4869" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mf5b-6b5g-yybj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81750?format=api", "vulnerability_id": "VCID-nrbr-ruhk-8khx", "summary": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794", "reference_id": "1954794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25037" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrbr-ruhk-8khx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81755?format=api", "vulnerability_id": "VCID-pb7a-j1ff-dbf7", "summary": "unbound: out-of-bounds write via a compressed name in rdata_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804", "reference_id": "1954804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25042" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pb7a-j1ff-dbf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66759?format=api", "vulnerability_id": "VCID-pc5g-wqzg-rfhu", "summary": "unbound: Unbound domain hijacking via promiscuous records", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11411.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11411.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2189", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21851", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21981", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21823", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11411" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405706", "reference_id": "2405706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405706" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt", "reference_id": "CVE-2025-11411.txt", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T13:20:48Z/" } ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt" }, { "reference_url": "https://usn.ubuntu.com/7855-1/", "reference_id": "USN-7855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7855-1/" }, { "reference_url": "https://usn.ubuntu.com/7855-2/", "reference_id": "USN-7855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7855-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-11411" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5g-wqzg-rfhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81797?format=api", "vulnerability_id": "VCID-pquu-mx3q-2bay", "summary": "unbound: command injection with data coming from a specially crafted IPSECKEY answer", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.713", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71391", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71377", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71355", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt" }, { "reference_url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/19/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/19/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1776762", "reference_id": "1776762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1776762" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18934", "reference_id": "CVE-2019-18934", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1716", "reference_id": "RHSA-2020:1716", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-18934" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pquu-mx3q-2bay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81751?format=api", "vulnerability_id": "VCID-qtvr-wfa9-qke6", "summary": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796", "reference_id": "1954796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25038" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtvr-wfa9-qke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83718?format=api", "vulnerability_id": "VCID-ta1t-nmud-eudt", "summary": "unbound: Improper validation of wildcard synthesized NSEC records", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15105.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71652", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71659", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.7165", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71689", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.717", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71724", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.71733", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15105" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15105" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507049", "reference_id": "1507049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507049" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887733", "reference_id": "887733", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887733" }, { "reference_url": "https://usn.ubuntu.com/3673-1/", "reference_id": "USN-3673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3673-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038109?format=api", "purl": "pkg:deb/debian/unbound@1.9.0-2%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.0-2%252Bdeb10u2" } ], "aliases": [ "CVE-2017-15105" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ta1t-nmud-eudt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81752?format=api", "vulnerability_id": "VCID-twch-y9hk-ybew", "summary": "unbound: integer overflow in a size calculation in respip/respip.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797", "reference_id": "1954797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25039" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twch-y9hk-ybew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81747?format=api", "vulnerability_id": "VCID-u811-711b-87c4", "summary": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778", "reference_id": "1954778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-25034" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u811-711b-87c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=api", "vulnerability_id": "VCID-vprj-j7u6-zbe7", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.9373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751", "reference_id": "1077751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917", "reference_id": "2263917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50868", "reference_id": "cve-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50868" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50868", "reference_id": "CVE-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50868" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0008/", "reference_id": "ntap-20240307-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc5155", "reference_id": "rfc5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc5155" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826", "reference_id": "show_bug.cgi?id=1219826", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2023-50868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58185?format=api", "vulnerability_id": "VCID-ynr4-2ksj-hqf1", "summary": "security update", "references": [ { "reference_url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8602.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91853", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.9179", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91835", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0756", "scoring_system": "epss", "scoring_elements": "0.91833", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8602" }, { "reference_url": "https://unbound.net/downloads/CVE-2014-8602.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://unbound.net/downloads/CVE-2014-8602.txt" }, { "reference_url": "http://unbound.net/downloads/patch_cve_2014_8602.diff", "reference_id": "", "reference_type": "", "scores": [], "url": "http://unbound.net/downloads/patch_cve_2014_8602.diff" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3097" }, { "reference_url": "http://www.kb.cert.org/vuls/id/264212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/264212" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/71589", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71589" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2484-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2484-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172065", "reference_id": "1172065", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172065" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772622", "reference_id": "772622", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772622" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8602", "reference_id": "CVE-2014-8602", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2455", "reference_id": "RHSA-2015:2455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2455" }, { "reference_url": "https://usn.ubuntu.com/2484-1/", "reference_id": "USN-2484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2484-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035237?format=api", "purl": "pkg:deb/debian/unbound@1.4.17-3%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-ta1t-nmud-eudt" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ynr4-2ksj-hqf1" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.17-3%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038105?format=api", "purl": "pkg:deb/debian/unbound@1.4.22-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d5q-y4tv-ukgb" }, { "vulnerability": "VCID-3e4q-7bsf-fyh2" }, { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-6wjx-c9v1-nqf9" }, { "vulnerability": "VCID-a58b-qqsv-9fec" }, { "vulnerability": "VCID-am4a-hwtd-uybh" }, { "vulnerability": "VCID-awc5-73ya-6faa" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-dc9g-bdph-9qa3" }, { "vulnerability": "VCID-dnkp-t2z3-gbcm" }, { "vulnerability": "VCID-e25c-xfn1-1bhn" }, { "vulnerability": "VCID-e3w8-8bks-rbg6" }, { "vulnerability": "VCID-f23u-dymp-63c9" }, { "vulnerability": "VCID-fwbt-2wnn-p3cw" }, { "vulnerability": "VCID-kzmv-f7dr-uqcm" }, { "vulnerability": "VCID-nrbr-ruhk-8khx" }, { "vulnerability": "VCID-pb7a-j1ff-dbf7" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-pquu-mx3q-2bay" }, { "vulnerability": "VCID-qtvr-wfa9-qke6" }, { "vulnerability": "VCID-ta1t-nmud-eudt" }, { "vulnerability": "VCID-twch-y9hk-ybew" }, { "vulnerability": "VCID-u811-711b-87c4" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-ywzz-4ya4-cyh9" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.22-3" } ], "aliases": [ "CVE-2014-8602" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ynr4-2ksj-hqf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31262?format=api", "vulnerability_id": "VCID-ywzz-4ya4-cyh9", "summary": "Multiple vulnerabilities have been discovered in Unbound, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3204.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3204.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57897", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57864", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57895", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57911", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57888", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.57867", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3204" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128947", "reference_id": "2128947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128947" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/", "reference_id": "35QGS5FBQTG3DBSK7QV67PA64P24ABHY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/", "reference_id": "3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL/", "reference_id": "4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL/" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt", "reference_id": "CVE-2022-3204.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt" }, { "reference_url": "https://security.gentoo.org/glsa/202212-02", "reference_id": "GLSA-202212-02", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://security.gentoo.org/glsa/202212-02" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2370", "reference_id": "RHSA-2023:2370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2771", "reference_id": "RHSA-2023:2771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2045", "reference_id": "RHSA-2024:2045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2045" }, { "reference_url": "https://usn.ubuntu.com/5732-1/", "reference_id": "USN-5732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5732-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049646?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4etu-cddt-sbfm" }, { "vulnerability": "VCID-4sax-ynvh-abed" }, { "vulnerability": "VCID-b7b8-guvx-3bhy" }, { "vulnerability": "VCID-cjha-wacb-mqds" }, { "vulnerability": "VCID-pc5g-wqzg-rfhu" }, { "vulnerability": "VCID-zjjk-kfsd-e7ck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-3204" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywzz-4ya4-cyh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74432?format=api", "vulnerability_id": "VCID-zjjk-kfsd-e7ck", "summary": "unbound: NULL Pointer Dereference in Unbound", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07114", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.072", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07187", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0709", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/issues/1072", "reference_id": "1072", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://github.com/NLnetLabs/unbound/issues/1072" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078647", "reference_id": "1078647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078647" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303456", "reference_id": "2303456", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303456" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2", "reference_id": "cpe:/a:redhat:openstack:16.2", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1", "reference_id": "cpe:/a:redhat:openstack:17.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0", "reference_id": "cpe:/a:redhat:openstack:18.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-43167", "reference_id": "CVE-2024-43167", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-43167" }, { "reference_url": "https://github.com/NLnetLabs/unbound/pull/1073/files", "reference_id": "files", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://github.com/NLnetLabs/unbound/pull/1073/files" }, { "reference_url": "https://usn.ubuntu.com/6998-1/", "reference_id": "USN-6998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6998-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-43167" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjjk-kfsd-e7ck" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.4.6-1%252Bsqueeze3" }