Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035487?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "type": "deb", "namespace": "debian", "name": "icu", "version": "52.1-8+deb8u7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "72.1-3+deb12u1", "latest_non_vulnerable_version": "72.1-3+deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80437?format=api", "vulnerability_id": "VCID-2bgz-463n-rbg4", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82745", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82771", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82848", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.8285", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569", "reference_id": "1383569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-9911" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bgz-463n-rbg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84057?format=api", "vulnerability_id": "VCID-5es3-zr94-dfcm", "summary": "icu: Double free in i18n/zonemeta.cpp", "references": [ { "reference_url": "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86373", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86444", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86438", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86459", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86384", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86402", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86421", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930", "reference_id": "1510930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840", "reference_id": "878840", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840" }, { "reference_url": "https://security.archlinux.org/ASA-201711-25", "reference_id": "ASA-201711-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-25" }, { "reference_url": "https://security.archlinux.org/ASA-201711-26", "reference_id": "ASA-201711-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-26" }, { "reference_url": "https://security.archlinux.org/AVG-504", "reference_id": "AVG-504", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-504" }, { "reference_url": "https://security.archlinux.org/AVG-507", "reference_id": "AVG-507", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-507" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14952", "reference_id": "CVE-2017-14952", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14952" }, { "reference_url": "https://usn.ubuntu.com/3458-1/", "reference_id": "USN-3458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-1/" }, { "reference_url": "https://usn.ubuntu.com/3458-2/", "reference_id": "USN-3458-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14952" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5es3-zr94-dfcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41877?format=api", "vulnerability_id": "VCID-5ht5-3ffs-mbe6", "summary": "An integer overflow flaw in ICU could possibly allow for the\n execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73823", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73921", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.7387", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73913", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73832", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73857", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73897", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531" }, { "reference_url": "https://bugs.chromium.org/p/chromium/issues/detail?id=1044570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=1044570" }, { "reference_url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca" }, { "reference_url": "https://github.com/unicode-org/icu/pull/971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/unicode-org/icu/pull/971" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" }, { "reference_url": "https://unicode-org.atlassian.net/browse/ICU-20958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://unicode-org.atlassian.net/browse/ICU-20958" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4646" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349", "reference_id": "1807349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747", "reference_id": "953747", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10531", "reference_id": "CVE-2020-10531", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10531" }, { "reference_url": "https://security.gentoo.org/glsa/202003-15", "reference_id": "GLSA-202003-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0738", "reference_id": "RHSA-2020:0738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0896", "reference_id": "RHSA-2020:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0897", "reference_id": "RHSA-2020:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0901", "reference_id": "RHSA-2020:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0902", "reference_id": "RHSA-2020:0902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1293", "reference_id": "RHSA-2020:1293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1317", "reference_id": "RHSA-2020:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1343", "reference_id": "RHSA-2020:1343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2895", "reference_id": "RHSA-2020:2895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3084", "reference_id": "RHSA-2020:3084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3084" }, { "reference_url": "https://usn.ubuntu.com/4305-1/", "reference_id": "USN-4305-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4305-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052610?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ec4s-1rb3-muhf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-10531" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ht5-3ffs-mbe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56853?format=api", "vulnerability_id": "VCID-9ma9-pt7u-e3gv", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84215", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84246", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84269", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84307", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.8431", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361", "reference_id": "1377361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694", "reference_id": "838694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-7415" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ma9-pt7u-e3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31296?format=api", "vulnerability_id": "VCID-ajy9-yfsa-5bc5", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92615", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92622", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92639", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92663", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92666", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajy9-yfsa-5bc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72800?format=api", "vulnerability_id": "VCID-ec4s-1rb3-muhf", "summary": "icu: Stack buffer overflow in the SRBRoot::addTag function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5222.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5222.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14232", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14086", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.13978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.13979", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14058", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14291", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14103", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14184", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14237", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106684", "reference_id": "1106684", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106684" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368600", "reference_id": "2368600", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368600" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-5222", "reference_id": "CVE-2025-5222", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-5222" }, { "reference_url": "https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957", "reference_id": "ICU-22957", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11888", "reference_id": "RHSA-2025:11888", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12083", "reference_id": "RHSA-2025:12083", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12331", "reference_id": "RHSA-2025:12331", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12332", "reference_id": "RHSA-2025:12332", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12333", "reference_id": "RHSA-2025:12333", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12333" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1057329?format=api", "purl": "pkg:deb/debian/icu@72.1-3%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@72.1-3%252Bdeb12u1" } ], "aliases": [ "CVE-2025-5222" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ec4s-1rb3-muhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43396?format=api", "vulnerability_id": "VCID-fsdr-jdyv-tqed", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could allow remote code execution.", "references": [ { "reference_url": "http://bugs.icu-project.org/trac/changeset/39671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.icu-project.org/trac/changeset/39671" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72987", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73086", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73041", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73084", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73094", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.7303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73044", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73068", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3830" }, { "reference_url": "http://www.securityfocus.com/bid/97672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97672" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7867", "reference_id": "CVE-2017-7867", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7867" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsdr-jdyv-tqed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31325?format=api", "vulnerability_id": "VCID-gted-bme5-r7gf", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92474", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92471", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.9242", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.9246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92463", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92472", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3458", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3465", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1034715", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034715" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2884-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2885-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494", "reference_id": "CVE-2016-0494", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2885-1/", "reference_id": "USN-2885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2885-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gted-bme5-r7gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36569?format=api", "vulnerability_id": "VCID-hghm-mfvp-1ufk", "summary": "Multiple vulnerabilities have been found in International\n Components for Unicode, allowing attackers to execute arbitrary code or\n cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.9622", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96235", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96239", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96248", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96255", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96269", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96271", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hghm-mfvp-1ufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80026?format=api", "vulnerability_id": "VCID-hjda-t6dj-3baj", "summary": "icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27793", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27886", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27745", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27693", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27703", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27676", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27638", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950", "reference_id": "2006950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950" }, { "reference_url": "https://usn.ubuntu.com/5133-1/", "reference_id": "USN-5133-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5133-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052610?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ec4s-1rb3-muhf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-21913" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjda-t6dj-3baj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43398?format=api", "vulnerability_id": "VCID-hzxp-wau2-nyck", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could allow remote code execution.", "references": [ { "reference_url": "http://bugs.icu-project.org/trac/changeset/39671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.icu-project.org/trac/changeset/39671" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83958", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84053", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.8405", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83972", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83991", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84015", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84038", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3830" }, { "reference_url": "http://www.securityfocus.com/bid/97674", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7868", "reference_id": "CVE-2017-7868", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7868" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzxp-wau2-nyck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36570?format=api", "vulnerability_id": "VCID-ndem-w1mb-h7gj", "summary": "Multiple vulnerabilities have been found in International\n Components for Unicode, allowing attackers to execute arbitrary code or\n cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97402", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97428", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.9744", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ndem-w1mb-h7gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31305?format=api", "vulnerability_id": "VCID-qb56-zfz8-4bev", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.9323", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93183", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93194", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93202", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93217", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93222", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3381", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3381" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77164", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77164" }, { "reference_url": "http://www.securitytracker.com/id/1033884", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1033884" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2784-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2784-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2827-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2827-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318", "reference_id": "1273318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844", "reference_id": "CVE-2015-4844", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1919", "reference_id": "RHSA-2015:1919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1920", "reference_id": "RHSA-2015:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1921", "reference_id": "RHSA-2015:1921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1926", "reference_id": "RHSA-2015:1926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1927", "reference_id": "RHSA-2015:1927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1928", "reference_id": "RHSA-2015:1928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2086", "reference_id": "RHSA-2015:2086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2506", "reference_id": "RHSA-2015:2506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2507", "reference_id": "RHSA-2015:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2508", "reference_id": "RHSA-2015:2508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2509", "reference_id": "RHSA-2015:2509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2518", "reference_id": "RHSA-2015:2518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2784-1/", "reference_id": "USN-2784-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2784-1/" }, { "reference_url": "https://usn.ubuntu.com/2827-1/", "reference_id": "USN-2827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2827-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4844" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb56-zfz8-4bev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31286?format=api", "vulnerability_id": "VCID-uwxq-bbum-1yhw", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83534", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83586", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83595", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.8361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83603", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83599", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83634", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83635", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwxq-bbum-1yhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94722?format=api", "vulnerability_id": "VCID-v547-6z4g-kba3", "summary": "Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68266", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68286", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.6819", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68241", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68256", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68281", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68269", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68235", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68275", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079", "reference_id": "990079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079" }, { "reference_url": "https://security.archlinux.org/ASA-202106-2", "reference_id": "ASA-202106-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-2" }, { "reference_url": "https://security.archlinux.org/AVG-1990", "reference_id": "AVG-1990", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1990" }, { "reference_url": "https://security.archlinux.org/AVG-1991", "reference_id": "AVG-1991", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1991" }, { "reference_url": "https://usn.ubuntu.com/5156-1/", "reference_id": "USN-5156-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5156-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052610?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ec4s-1rb3-muhf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2021-30535" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v547-6z4g-kba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62061?format=api", "vulnerability_id": "VCID-vcxf-zjrp-e3cg", "summary": "Multiple vulnerabilities have been found in the Chromium web\n browser, the worst of which allows remote attackers to execute arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78763", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.7877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78784", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78809", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78817", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.7884", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78842", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574", "reference_id": "1245574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647", "reference_id": "798647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1499", "reference_id": "RHSA-2015:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1499" }, { "reference_url": "https://usn.ubuntu.com/2677-1/", "reference_id": "USN-2677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2677-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-1270" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vcxf-zjrp-e3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83026?format=api", "vulnerability_id": "VCID-w5th-khuv-mkek", "summary": "icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84006", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.8404", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84063", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84086", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84079", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.841", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02103", "scoring_system": "epss", "scoring_elements": "0.84101", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702", "reference_id": "1646702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2018-18928" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5th-khuv-mkek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56852?format=api", "vulnerability_id": "VCID-wzc2-4mje-qfhf", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could cause a Denial of Service condition.", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4" }, { "reference_url": "http://openwall.com/lists/oss-security/2016/07/24/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2016/07/24/2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87712", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87716", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.8767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.8771", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293" }, { "reference_url": "https://bugs.php.net/72533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/72533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.securityfocus.com/bid/92127", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92127" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339", "reference_id": "1360339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6293", "reference_id": "CVE-2016-6293", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6293" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-6293" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzc2-4mje-qfhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49911?format=api", "vulnerability_id": "VCID-xg8u-dvmc-t3ft", "summary": "Multiple vulnerabilities have been found in Chromium and Google\n Chrome, the worst of which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83601", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.8363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85634", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85628", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.8563", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85613", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.8561", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85606", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://security.gentoo.org/glsa/201801-03", "reference_id": "GLSA-201801-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-03" }, { "reference_url": "https://usn.ubuntu.com/3610-1/", "reference_id": "USN-3610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xg8u-dvmc-t3ft" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80437?format=api", "vulnerability_id": "VCID-2bgz-463n-rbg4", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82745", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82771", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.82848", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.8285", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569", "reference_id": "1383569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-9911" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bgz-463n-rbg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56853?format=api", "vulnerability_id": "VCID-9ma9-pt7u-e3gv", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84215", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84246", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84269", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.84307", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02161", "scoring_system": "epss", "scoring_elements": "0.8431", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361", "reference_id": "1377361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694", "reference_id": "838694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-7415" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ma9-pt7u-e3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31296?format=api", "vulnerability_id": "VCID-ajy9-yfsa-5bc5", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92615", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92622", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92639", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92663", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09071", "scoring_system": "epss", "scoring_elements": "0.92666", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571057?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bcb-5gab-9kde" }, { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-8jtg-kntk-zuhp" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-dr2n-9pz1-gfd5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-faut-x7vy-g3dq" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-jm8s-9gr6-ebax" }, { "vulnerability": "VCID-kct4-fj4c-7kgv" }, { "vulnerability": "VCID-mebk-ymrs-wkd2" }, { "vulnerability": "VCID-mzjf-ej5z-57eh" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-nyhx-9tes-9ygr" }, { "vulnerability": "VCID-pf5g-cuwm-7bey" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" }, { "vulnerability": "VCID-yz8d-49gf-u3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajy9-yfsa-5bc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43396?format=api", "vulnerability_id": "VCID-fsdr-jdyv-tqed", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could allow remote code execution.", "references": [ { "reference_url": "http://bugs.icu-project.org/trac/changeset/39671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.icu-project.org/trac/changeset/39671" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72987", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73086", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73041", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73084", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73094", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.7303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73044", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73068", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3830" }, { "reference_url": "http://www.securityfocus.com/bid/97672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97672" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7867", "reference_id": "CVE-2017-7867", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7867" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsdr-jdyv-tqed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31325?format=api", "vulnerability_id": "VCID-gted-bme5-r7gf", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92474", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92471", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.9242", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.9246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92463", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0867", "scoring_system": "epss", "scoring_elements": "0.92472", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3458", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3465", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1034715", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034715" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2884-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2885-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494", "reference_id": "CVE-2016-0494", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0494" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2885-1/", "reference_id": "USN-2885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2885-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gted-bme5-r7gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36569?format=api", "vulnerability_id": "VCID-hghm-mfvp-1ufk", "summary": "Multiple vulnerabilities have been found in International\n Components for Unicode, allowing attackers to execute arbitrary code or\n cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.9622", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96235", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96239", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96248", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96255", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96269", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96271", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571057?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bcb-5gab-9kde" }, { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-8jtg-kntk-zuhp" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-dr2n-9pz1-gfd5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-faut-x7vy-g3dq" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-jm8s-9gr6-ebax" }, { "vulnerability": "VCID-kct4-fj4c-7kgv" }, { "vulnerability": "VCID-mebk-ymrs-wkd2" }, { "vulnerability": "VCID-mzjf-ej5z-57eh" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-nyhx-9tes-9ygr" }, { "vulnerability": "VCID-pf5g-cuwm-7bey" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" }, { "vulnerability": "VCID-yz8d-49gf-u3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hghm-mfvp-1ufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43398?format=api", "vulnerability_id": "VCID-hzxp-wau2-nyck", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could allow remote code execution.", "references": [ { "reference_url": "http://bugs.icu-project.org/trac/changeset/39671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.icu-project.org/trac/changeset/39671" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83958", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84053", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.8405", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83972", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.83991", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84015", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0209", "scoring_system": "epss", "scoring_elements": "0.84038", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3830" }, { "reference_url": "http://www.securityfocus.com/bid/97674", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7868", "reference_id": "CVE-2017-7868", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7868" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzxp-wau2-nyck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36570?format=api", "vulnerability_id": "VCID-ndem-w1mb-h7gj", "summary": "Multiple vulnerabilities have been found in International\n Components for Unicode, allowing attackers to execute arbitrary code or\n cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97402", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97428", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.9744", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571057?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bcb-5gab-9kde" }, { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-8jtg-kntk-zuhp" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-dr2n-9pz1-gfd5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-faut-x7vy-g3dq" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-jm8s-9gr6-ebax" }, { "vulnerability": "VCID-kct4-fj4c-7kgv" }, { "vulnerability": "VCID-mebk-ymrs-wkd2" }, { "vulnerability": "VCID-mzjf-ej5z-57eh" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-nyhx-9tes-9ygr" }, { "vulnerability": "VCID-pf5g-cuwm-7bey" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" }, { "vulnerability": "VCID-yz8d-49gf-u3bw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ndem-w1mb-h7gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31305?format=api", "vulnerability_id": "VCID-qb56-zfz8-4bev", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.9323", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93183", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93194", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93202", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93217", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10364", "scoring_system": "epss", "scoring_elements": "0.93222", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3381", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3381" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77164", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77164" }, { "reference_url": "http://www.securitytracker.com/id/1033884", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1033884" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2784-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2784-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2827-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2827-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318", "reference_id": "1273318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844", "reference_id": "CVE-2015-4844", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4844" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1919", "reference_id": "RHSA-2015:1919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1920", "reference_id": "RHSA-2015:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1921", "reference_id": "RHSA-2015:1921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1926", "reference_id": "RHSA-2015:1926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1927", "reference_id": "RHSA-2015:1927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1928", "reference_id": "RHSA-2015:1928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2086", "reference_id": "RHSA-2015:2086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2506", "reference_id": "RHSA-2015:2506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2507", "reference_id": "RHSA-2015:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2508", "reference_id": "RHSA-2015:2508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2509", "reference_id": "RHSA-2015:2509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2518", "reference_id": "RHSA-2015:2518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2784-1/", "reference_id": "USN-2784-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2784-1/" }, { "reference_url": "https://usn.ubuntu.com/2827-1/", "reference_id": "USN-2827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2827-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4844" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb56-zfz8-4bev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31286?format=api", "vulnerability_id": "VCID-uwxq-bbum-1yhw", "summary": "Multiple vulnerabilities have been found in IcedTea allowing remote\n attackers to affect confidentiality, integrity, and availability through\n various vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83534", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83586", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83595", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.8361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83603", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83599", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83634", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01988", "scoring_system": "epss", "scoring_elements": "0.83635", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwxq-bbum-1yhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62061?format=api", "vulnerability_id": "VCID-vcxf-zjrp-e3cg", "summary": "Multiple vulnerabilities have been found in the Chromium web\n browser, the worst of which allows remote attackers to execute arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78763", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.7877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78784", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78809", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78817", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.7884", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78842", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574", "reference_id": "1245574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647", "reference_id": "798647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1499", "reference_id": "RHSA-2015:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1499" }, { "reference_url": "https://usn.ubuntu.com/2677-1/", "reference_id": "USN-2677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2677-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-1270" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vcxf-zjrp-e3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56852?format=api", "vulnerability_id": "VCID-wzc2-4mje-qfhf", "summary": "Multiple vulnerabilities have been found in ICU, the worst of which\n could cause a Denial of Service condition.", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4" }, { "reference_url": "http://openwall.com/lists/oss-security/2016/07/24/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2016/07/24/2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87712", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87716", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.8767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.87698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03557", "scoring_system": "epss", "scoring_elements": "0.8771", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293" }, { "reference_url": "https://bugs.php.net/72533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.php.net/72533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.securityfocus.com/bid/92127", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92127" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339", "reference_id": "1360339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_id": "cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:c\\/c\\+\\+:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6293", "reference_id": "CVE-2016-6293", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6293" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-6293" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzc2-4mje-qfhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49911?format=api", "vulnerability_id": "VCID-xg8u-dvmc-t3ft", "summary": "Multiple vulnerabilities have been found in Chromium and Google\n Chrome, the worst of which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83601", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.83628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02003", "scoring_system": "epss", "scoring_elements": "0.8363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85634", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85628", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.8563", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85613", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.8561", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85606", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://security.gentoo.org/glsa/201801-03", "reference_id": "GLSA-201801-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-03" }, { "reference_url": "https://usn.ubuntu.com/3610-1/", "reference_id": "USN-3610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035487?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bgz-463n-rbg4" }, { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-9ma9-pt7u-e3gv" }, { "vulnerability": "VCID-ajy9-yfsa-5bc5" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-fsdr-jdyv-tqed" }, { "vulnerability": "VCID-gted-bme5-r7gf" }, { "vulnerability": "VCID-hghm-mfvp-1ufk" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-hzxp-wau2-nyck" }, { "vulnerability": "VCID-ndem-w1mb-h7gj" }, { "vulnerability": "VCID-qb56-zfz8-4bev" }, { "vulnerability": "VCID-uwxq-bbum-1yhw" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-vcxf-zjrp-e3cg" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-wzc2-4mje-qfhf" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036847?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5es3-zr94-dfcm" }, { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" }, { "vulnerability": "VCID-w5th-khuv-mkek" }, { "vulnerability": "VCID-xg8u-dvmc-t3ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038268?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5ht5-3ffs-mbe6" }, { "vulnerability": "VCID-ec4s-1rb3-muhf" }, { "vulnerability": "VCID-hjda-t6dj-3baj" }, { "vulnerability": "VCID-v547-6z4g-kba3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xg8u-dvmc-t3ft" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }