Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1036929?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1036929?format=api", "purl": "pkg:deb/debian/glibc@2.24-11%2Bdeb9u3", "type": "deb", "namespace": "debian", "name": "glibc", "version": "2.24-11+deb9u3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.36-8", "latest_non_vulnerable_version": "2.42-15", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43777?format=api", "vulnerability_id": "VCID-13gq-1x22-skhy", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1686", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16849", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16863", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16817", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16819", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893708", "reference_id": "1893708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893708" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973914", "reference_id": "973914", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973914" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210401-0006/", "reference_id": "ntap-20210401-0006", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210401-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", "reference_id": "show_bug.cgi?id=19519#c21", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", "reference_id": "show_bug.cgi?id=26224", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-27618" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13gq-1x22-skhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62168?format=api", "vulnerability_id": "VCID-2gmq-64e3-c7db", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.5946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66886", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66912", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042013", "reference_id": "2042013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042013" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:43Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", "reference_id": "show_bug.cgi?id=28768", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:43Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2022-23218" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gmq-64e3-c7db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43040?format=api", "vulnerability_id": "VCID-3hqs-jns2-puf2", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70102", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70141", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70157", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7018", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70153", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70205", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75216", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "reference_id": "2277202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277202" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "reference_id": "GLIBC-SA-2024-0005", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0011/", "reference_id": "ntap-20240524-0011", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33599" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hqs-jns2-puf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81840?format=api", "vulnerability_id": "VCID-6kb1-yuq8-tfbs", "summary": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03129", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06277", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06388", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06412", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06404", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06399", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774681", "reference_id": "1774681", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774681" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945250", "reference_id": "945250", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945250" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", "reference_id": "CVE-2019-19126", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1828", "reference_id": "RHSA-2020:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3861", "reference_id": "RHSA-2020:3861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2019-19126" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6kb1-yuq8-tfbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62165?format=api", "vulnerability_id": "VCID-6qa1-upks-g3dm", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74883", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74805", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74855", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74858", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74892", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", "reference_id": "2024637", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2022/01/24/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2022/01/24/4" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2021-3999", "reference_id": "CVE-2021-3999", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2021-3999" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2021-3999", "reference_id": "CVE-2021-3999", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3999" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "reference_id": "gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221104-0001/", "reference_id": "ntap-20221104-0001", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221104-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", "reference_id": "show_bug.cgi?id=28769", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" }, { "reference_url": "https://usn.ubuntu.com/6762-1/", "reference_id": "USN-6762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6762-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050173?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u5" } ], "aliases": [ "CVE-2021-3999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qa1-upks-g3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61415?format=api", "vulnerability_id": "VCID-75dc-1fd5-u3e2", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0708", "scoring_system": "epss", "scoring_elements": "0.91536", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0708", "scoring_system": "epss", "scoring_elements": "0.91541", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12135", "scoring_system": "epss", "scoring_elements": "0.93818", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94228", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.9425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94259", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94264", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13732", "scoring_system": "epss", "scoring_elements": "0.94268", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169" }, { "reference_url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140" }, { "reference_url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10278" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190315-0002/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9" }, { "reference_url": "https://support.f5.com/csp/article/K54823184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K54823184" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "http://www.securityfocus.com/bid/107160", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107160" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684057", "reference_id": "1684057", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684057" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924612", "reference_id": "924612", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924612" }, { "reference_url": "https://security.archlinux.org/ASA-201911-3", "reference_id": "ASA-201911-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201911-3" }, { "reference_url": "https://security.archlinux.org/AVG-855", "reference_id": "AVG-855", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-855" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9169", "reference_id": "CVE-2019-9169", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9169" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049937?format=api", "purl": "pkg:deb/debian/glibc@2.28-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-10" } ], "aliases": [ "CVE-2019-9169" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75dc-1fd5-u3e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83798?format=api", "vulnerability_id": "VCID-8egr-f63v-3uht", "summary": "glibc: Buffer overflow triggerable via LD_LIBRARY_PATH", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000409.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74681", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75388", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75367", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.7541", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75439", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75406", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75447", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75443", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000409" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522830", "reference_id": "1522830", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522830" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884133", "reference_id": "884133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884133" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-1000409" ], "risk_score": 8.4, "exploitability": "2.0", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8egr-f63v-3uht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43780?format=api", "vulnerability_id": "VCID-8p27-z2tz-4bbm", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33574.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33574.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30818", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30852", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30973", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30838", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30927", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30887", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30842", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33574" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965408", "reference_id": "1965408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965408" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989147", "reference_id": "989147", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989147" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2021-33574" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8p27-z2tz-4bbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59737?format=api", "vulnerability_id": "VCID-b6tp-a1qc-pfdw", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8318", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83283", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83282", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8325", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8324", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89128", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" }, { "reference_url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820331", "reference_id": "1820331", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820331" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961452", "reference_id": "961452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961452" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", "reference_id": "CVE-2020-6096", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://usn.ubuntu.com/4954-1/", "reference_id": "USN-4954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4954-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-6096" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6tp-a1qc-pfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43041?format=api", "vulnerability_id": "VCID-bcuy-bbxf-x7hy", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4522", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45242", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4524", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45261", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45282", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54576", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "reference_id": "2277204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277204" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "reference_id": "GLIBC-SA-2024-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0013/", "reference_id": "ntap-20240524-0013", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0013/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33600" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcuy-bbxf-x7hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43042?format=api", "vulnerability_id": "VCID-bsue-bznw-1ffe", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28367", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28476", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28479", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28387", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28379", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34852", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "reference_id": "2277205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277205" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "reference_id": "GLIBC-SA-2024-0007", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0014/", "reference_id": "ntap-20240524-0014", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0014/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33601" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsue-bznw-1ffe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61414?format=api", "vulnerability_id": "VCID-c4w6-89qu-xkev", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37601", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37738", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37809", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44304", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.4428", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44303", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.4436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44351", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7309" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155" }, { "reference_url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html" }, { "reference_url": "http://www.securityfocus.com/bid/106835", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106835" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672232", "reference_id": "1672232", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672232" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7309", "reference_id": "CVE-2019-7309", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7309" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2019-7309" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4w6-89qu-xkev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31487?format=api", "vulnerability_id": "VCID-cv87-rxmr-cqhn", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15671.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15671.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45897", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45908", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45898", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45957", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60737", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60839", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325" }, { "reference_url": "http://www.securityfocus.com/bid/101517", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504806", "reference_id": "1504806", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879500", "reference_id": "879500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879500" }, { "reference_url": "https://security.archlinux.org/ASA-201801-8", "reference_id": "ASA-201801-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-8" }, { "reference_url": "https://security.archlinux.org/ASA-201801-9", "reference_id": "ASA-201801-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-9" }, { "reference_url": "https://security.archlinux.org/AVG-460", "reference_id": "AVG-460", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-460" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15671", "reference_id": "CVE-2017-15671", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15671" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-15671" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cv87-rxmr-cqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43044?format=api", "vulnerability_id": "VCID-d5xx-af6p-2fhn", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1313", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13218", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13181", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13198", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13249", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "reference_id": "2367468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468" }, { "reference_url": "https://security.gentoo.org/glsa/202509-04", "reference_id": "GLSA-202509-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-04" }, { "reference_url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "reference_id": "?id=1e18586c5820e329f741d5c710275e165581380e", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10219", "reference_id": "RHSA-2025:10219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10220", "reference_id": "RHSA-2025:10220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10294", "reference_id": "RHSA-2025:10294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11487", "reference_id": "RHSA-2025:11487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8655", "reference_id": "RHSA-2025:8655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8686", "reference_id": "RHSA-2025:8686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9028", "reference_id": "RHSA-2025:9028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9336", "reference_id": "RHSA-2025:9336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9725", "reference_id": "RHSA-2025:9725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9750", "reference_id": "RHSA-2025:9750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9750" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "reference_id": "show_bug.cgi?id=32976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976" }, { "reference_url": "https://usn.ubuntu.com/7541-1/", "reference_id": "USN-7541-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7541-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-4802" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5xx-af6p-2fhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43779?format=api", "vulnerability_id": "VCID-dqgn-fdxt-u3cc", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3326.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3326.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38447", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38471", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38545", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38501", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38527", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38494", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38554", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3326" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921916", "reference_id": "1921916", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921916" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/01/28/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/01/28/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981198", "reference_id": "981198", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981198" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210304-0007/", "reference_id": "ntap-20210304-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210304-0007/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", "reference_id": "show_bug.cgi?id=27256", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5699-1/", "reference_id": "USN-5699-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5699-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050169?format=api", "purl": "pkg:deb/debian/glibc@2.31-11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-11" } ], "aliases": [ "CVE-2021-3326" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqgn-fdxt-u3cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83686?format=api", "vulnerability_id": "VCID-e27x-ufvw-cyec", "summary": "glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11236.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76503", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76595", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76603", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76607", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76508", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.7652", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76552", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76563", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00965", "scoring_system": "epss", "scoring_elements": "0.76568", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11236" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11236" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190329-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190401-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.securityfocus.com/bid/104255", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104255" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581269", "reference_id": "1581269", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581269" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899071", "reference_id": "899071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899071" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11236", "reference_id": "CVE-2018-11236", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3092", "reference_id": "RHSA-2018:3092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3092" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" }, { "reference_url": "https://usn.ubuntu.com/6762-1/", "reference_id": "USN-6762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6762-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-11236" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e27x-ufvw-cyec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82700?format=api", "vulnerability_id": "VCID-evbv-ckb4-yybq", "summary": "glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result", "references": [ { "reference_url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5155.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-5155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80034", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80112", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80051", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80087", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80107", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80091", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155" }, { "reference_url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793" }, { "reference_url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806" }, { "reference_url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190315-0002/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672" }, { "reference_url": "https://support.f5.com/csp/article/K64119434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K64119434" }, { "reference_url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683683", "reference_id": "1683683", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683683" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924613", "reference_id": "924613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924613" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-5155", "reference_id": "CVE-2009-5155", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-5155" }, { "reference_url": "https://usn.ubuntu.com/4954-1/", "reference_id": "USN-4954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2009-5155" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evbv-ckb4-yybq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83797?format=api", "vulnerability_id": "VCID-f9ts-xn57-6qa8", "summary": "glibc: Memory leak reachable via LD_HWCAP_MASK", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73295", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73386", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73381", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73432", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73455", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73435", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.7347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73478", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73472", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000408" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522828", "reference_id": "1522828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522828" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884132", "reference_id": "884132", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884132" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43331.txt", "reference_id": "CVE-2017-1000409;CVE-2017-1000408", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43331.txt" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-1000408" ], "risk_score": 6.0, "exploitability": "2.0", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9ts-xn57-6qa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62166?format=api", "vulnerability_id": "VCID-ge24-a7a4-d3bn", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78075", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.81688", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.81682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.8172", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977975", "reference_id": "1977975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977975" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990542", "reference_id": "990542", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990542" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0005/", "reference_id": "ntap-20210827-0005", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210827-0005/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" }, { "reference_url": "https://sourceware.org/glibc/wiki/Security%20Exceptions", "reference_id": "Security%20Exceptions", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/glibc/wiki/Security%20Exceptions" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", "reference_id": "show_bug.cgi?id=28011", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5699-1/", "reference_id": "USN-5699-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5699-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050170?format=api", "purl": "pkg:deb/debian/glibc@2.31-13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13" } ], "aliases": [ "CVE-2021-35942" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge24-a7a4-d3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34316?format=api", "vulnerability_id": "VCID-gv4u-g36a-w3cf", "summary": "Multiple vulnerabilities in glibc could result in Local Privilege Escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.59128", "scoring_system": "epss", "scoring_elements": "0.9822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.59128", "scoring_system": "epss", "scoring_elements": "0.98223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.67392", "scoring_system": "epss", "scoring_elements": "0.98574", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.72535", "scoring_system": "epss", "scoring_elements": "0.98763", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.72771", "scoring_system": "epss", "scoring_elements": "0.98771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98844", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.9884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98845", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "reference_id": "2238352", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_id": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8" }, { "reference_url": "https://www.qualys.com/cve-2023-4911/", "reference_id": "cve-2023-4911", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://www.qualys.com/cve-2023-4911/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-4911", "reference_id": "CVE-2023-4911", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-4911" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt", "reference_id": "CVE-2023-4911", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt" }, { "reference_url": "https://security.gentoo.org/glsa/202310-03", "reference_id": "GLSA-202310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-03" }, { "reference_url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "reference_id": "looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5453", "reference_id": "RHSA-2023:5453", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5454", "reference_id": "RHSA-2023:5454", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5455", "reference_id": "RHSA-2023:5455", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5476", "reference_id": "RHSA-2023:5476", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0033", "reference_id": "RHSA-2024:0033", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0033" }, { "reference_url": "https://usn.ubuntu.com/6409-1/", "reference_id": "USN-6409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2023-4911" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv4u-g36a-w3cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31488?format=api", "vulnerability_id": "VCID-hdz6-ewkg-xqc9", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15804.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43061", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43126", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43077", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43137", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43127", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43072", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43092", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43104", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8" }, { "reference_url": "http://www.securityfocus.com/bid/101535", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101535" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505298", "reference_id": "1505298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505298" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879955", "reference_id": "879955", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879955" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15804", "reference_id": "CVE-2017-15804", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15804" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0805", "reference_id": "RHSA-2018:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1879", "reference_id": "RHSA-2018:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1879" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-15804" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdz6-ewkg-xqc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59735?format=api", "vulnerability_id": "VCID-hj77-4nfx-fuaa", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29562.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29562.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16186", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1637", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16301", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16261", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16149", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905217", "reference_id": "1905217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905217" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976391", "reference_id": "976391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976391" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0004/", "reference_id": "ntap-20210122-0004", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0004/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923", "reference_id": "show_bug.cgi?id=26923", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", "reference_id": "TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-29562" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hj77-4nfx-fuaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84601?format=api", "vulnerability_id": "VCID-jadt-55f6-uuh6", "summary": "glibc: Use-after-free read access in clntudp_call in sunrpc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12133.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12133.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64663", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64777", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64742", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64779", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.6479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64715", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64702", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64749", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64781", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64769", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12133" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478288", "reference_id": "1478288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478288" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870648", "reference_id": "870648", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870648" }, { "reference_url": "https://security.archlinux.org/AVG-368", "reference_id": "AVG-368", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-368" }, { "reference_url": "https://security.archlinux.org/AVG-369", "reference_id": "AVG-369", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-369" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-12133" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jadt-55f6-uuh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85196?format=api", "vulnerability_id": "VCID-jnz7-w98a-kqgs", "summary": "glibc: getaddrinfo should reject IP addresses with trailing characters", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10739.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06307", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06394", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12189", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12192", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12297", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1233", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018" }, { "reference_url": "http://www.securityfocus.com/bid/106672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106672" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549", "reference_id": "1347549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920047", "reference_id": "920047", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920047" }, { "reference_url": "https://security.archlinux.org/AVG-1984", "reference_id": "AVG-1984", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1984" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10739", "reference_id": "CVE-2016-10739", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2118", "reference_id": "RHSA-2019:2118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3513", "reference_id": "RHSA-2019:3513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3513" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2016-10739" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jnz7-w98a-kqgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83763?format=api", "vulnerability_id": "VCID-kxg9-kntn-xqan", "summary": "glibc: memory corruption in memcpy-sse2-unaligned.S", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18269.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18269.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78068", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78152", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78158", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78157", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78107", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78115", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.7812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18269" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/fingolfin/memmove-bug", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/fingolfin/memmove-bug" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190329-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190401-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580924", "reference_id": "1580924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580924" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18269", "reference_id": "CVE-2017-18269", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18269" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-18269" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxg9-kntn-xqan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61416?format=api", "vulnerability_id": "VCID-mqch-gxfq-zyhh", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12802", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.129", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12753", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1267", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12677", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12812", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12767", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15601", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810670", "reference_id": "1810670", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810670" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953108", "reference_id": "953108", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953108" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0348", "reference_id": "RHSA-2021:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2998", "reference_id": "RHSA-2021:2998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3315", "reference_id": "RHSA-2021:3315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3315" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-10029" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqch-gxfq-zyhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79939?format=api", "vulnerability_id": "VCID-nk5x-uhcf-7kan", "summary": "glibc: conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43396.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69399", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69309", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69359", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69398", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69407", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43396" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020652", "reference_id": "2020652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020652" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998622", "reference_id": "998622", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998622" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2021-43396" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nk5x-uhcf-7kan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61417?format=api", "vulnerability_id": "VCID-pyms-pya1-buck", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33535", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33719", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33634", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33599", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33575", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33589", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47732", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810719", "reference_id": "1810719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810719" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-1751" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyms-pya1-buck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84471?format=api", "vulnerability_id": "VCID-q5az-xe7k-m7av", "summary": "glibc: Fragmentation attacks possible when EDNS0 is enabled", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12132.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12132.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52657", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52786", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52795", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52803", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52694", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52745", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.5274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.5279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52758", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12132" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477529", "reference_id": "1477529", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477529" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870650", "reference_id": "870650", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870650" }, { "reference_url": "https://security.archlinux.org/AVG-368", "reference_id": "AVG-368", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-368" }, { "reference_url": "https://security.archlinux.org/AVG-369", "reference_id": "AVG-369", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0805", "reference_id": "RHSA-2018:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0805" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-12132" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5az-xe7k-m7av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31491?format=api", "vulnerability_id": "VCID-qaaq-fss4-1kgr", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6485.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77936", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77971", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77952", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77979", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.7801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.77992", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.78027", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.78019", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542102", "reference_id": "1542102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542102" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878159", "reference_id": "878159", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878159" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3092", "reference_id": "RHSA-2018:3092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3092" }, { "reference_url": "https://usn.ubuntu.com/4218-1/", "reference_id": "USN-4218-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4218-1/" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-6485" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qaaq-fss4-1kgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31492?format=api", "vulnerability_id": "VCID-qwx5-bayb-bkcg", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61605", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.6171", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61681", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.6173", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61767", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61754", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61776", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61782", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61764", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6551" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542119", "reference_id": "1542119", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542119" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-6551" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwx5-bayb-bkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39606?format=api", "vulnerability_id": "VCID-rqh3-5xc2-uyab", "summary": "Multiple vulnerabilities have been found in the GNU C Library, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91821", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91875", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91881", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91877", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91856", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91862", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452543", "reference_id": "1452543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452543" }, { "reference_url": "https://security.archlinux.org/ASA-201706-22", "reference_id": "ASA-201706-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-22" }, { "reference_url": "https://security.archlinux.org/ASA-201706-23", "reference_id": "ASA-201706-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-23" }, { "reference_url": "https://security.archlinux.org/AVG-307", "reference_id": "AVG-307", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-307" }, { "reference_url": "https://security.archlinux.org/AVG-308", "reference_id": "AVG-308", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-308" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42274.c", "reference_id": "CVE-2017-1000370;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42274.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap.c", "reference_id": "CVE-2017-1000370;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42276.c", "reference_id": "CVE-2017-1000371;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42276.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_dynamic.c", "reference_id": "CVE-2017-1000371;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_dynamic.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/local/42275.c", "reference_id": "CVE-2017-1000379;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/local/42275.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap_64.c", "reference_id": "CVE-2017-1000379;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap_64.c" }, { "reference_url": "https://security.gentoo.org/glsa/201706-19", "reference_id": "GLSA-201706-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1479", "reference_id": "RHSA-2017:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1480", "reference_id": "RHSA-2017:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1481", "reference_id": "RHSA-2017:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1567", "reference_id": "RHSA-2017:1567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1567" }, { "reference_url": "https://usn.ubuntu.com/3323-1/", "reference_id": "USN-3323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3323-1/" }, { "reference_url": "https://usn.ubuntu.com/3323-2/", "reference_id": "USN-3323-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3323-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-1000366" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqh3-5xc2-uyab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61413?format=api", "vulnerability_id": "VCID-rt4z-2rd4-qfde", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6488.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6488.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6488", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35327", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35426", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35489", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35478", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35552", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3548", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35505", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35449", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6488" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097" }, { "reference_url": "http://www.securityfocus.com/bid/106671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106671" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667931", "reference_id": "1667931", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667931" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6488", "reference_id": "CVE-2019-6488", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6488" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2019-6488" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rt4z-2rd4-qfde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43776?format=api", "vulnerability_id": "VCID-sbzq-gp2e-v7fy", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.7417", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.7409", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74179", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74136", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74121", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912960", "reference_id": "1912960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912960" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", "reference_id": "4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979273", "reference_id": "979273", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979273" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210205-0004/", "reference_id": "ntap-20210205-0004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210205-0004/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b" }, { "reference_url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E", "reference_id": "r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E", "reference_id": "r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E", "reference_id": "r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E", "reference_id": "r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E", "reference_id": "r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E", "reference_id": "r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E", "reference_id": "r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E", "reference_id": "rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0348", "reference_id": "RHSA-2021:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", "reference_id": "show_bug.cgi?id=24973", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", "reference_id": "TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2019-25013" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbzq-gp2e-v7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43039?format=api", "vulnerability_id": "VCID-sjav-8bub-eycz", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91755", "scoring_system": "epss", "scoring_elements": "0.99689", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.9971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.92578", "scoring_system": "epss", "scoring_elements": "0.99739", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191", "reference_id": "1069191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/24/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/24/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "reference_id": "2273404", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273404" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/18/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/18/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/17/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/9" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "reference_id": "BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "reference_id": "GLIBC-SA-2024-0004", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0002/", "reference_id": "ntap-20240531-0002", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0002/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "reference_id": "P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2722", "reference_id": "RHSA-2024:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3269", "reference_id": "RHSA-2024:3269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7590", "reference_id": "RHSA-2024:7590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7594", "reference_id": "RHSA-2024:7594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7939", "reference_id": "RHSA-2024:7939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8235", "reference_id": "RHSA-2024:8235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8235" }, { "reference_url": "https://usn.ubuntu.com/6737-1/", "reference_id": "USN-6737-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6737-1/" }, { "reference_url": "https://usn.ubuntu.com/6737-2/", "reference_id": "USN-6737-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6737-2/" }, { "reference_url": "https://usn.ubuntu.com/6762-1/", "reference_id": "USN-6762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6762-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "reference_id": "YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-2961" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjav-8bub-eycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83453?format=api", "vulnerability_id": "VCID-uqdb-tx7y-bbbc", "summary": "glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73959", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74047", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74046", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74055", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73997", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.7401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74014", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190329-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190401-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196" }, { "reference_url": "https://www.exploit-db.com/exploits/44750/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44750/" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "http://www.securityfocus.com/bid/104256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104256" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581274", "reference_id": "1581274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581274" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899070", "reference_id": "899070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899070" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11237", "reference_id": "CVE-2018-11237", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3092", "reference_id": "RHSA-2018:3092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3092" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-11237" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqdb-tx7y-bbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36350?format=api", "vulnerability_id": "VCID-utss-75dn-r3b7", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8985.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41883", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41981", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41953", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4188", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41945", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41972", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41899", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4196", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41931", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8985" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/14/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "reference_url": "http://www.securityfocus.com/bid/76916", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/76916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1197798", "reference_id": "1197798", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1197798" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8985", "reference_id": "CVE-2015-8985", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8985" }, { "reference_url": "https://security.gentoo.org/glsa/201908-06", "reference_id": "GLSA-201908-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2015-8985" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utss-75dn-r3b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59733?format=api", "vulnerability_id": "VCID-v96m-se3g-8ydp", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10228.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10228.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61538", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6155", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61554", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61489", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61522", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61509", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10228" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428290", "reference_id": "1428290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428290" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856503", "reference_id": "856503", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856503" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2016-10228" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v96m-se3g-8ydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36352?format=api", "vulnerability_id": "VCID-vajf-thpr-pbat", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19591.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19591.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80134", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80205", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80186", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.8015", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01775", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01775", "scoring_system": "epss", "scoring_elements": "0.82677", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01775", "scoring_system": "epss", "scoring_elements": "0.82673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01775", "scoring_system": "epss", "scoring_elements": "0.8271", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01775", "scoring_system": "epss", "scoring_elements": "0.82711", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19591" }, { "reference_url": "http://www.securitytracker.com/id/1042174", "reference_id": "1042174", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "http://www.securitytracker.com/id/1042174" }, { "reference_url": "http://www.securityfocus.com/bid/106037", "reference_id": "106037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "http://www.securityfocus.com/bid/106037" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653993", "reference_id": "1653993", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653993" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914837", "reference_id": "914837", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914837" }, { "reference_url": "https://security.archlinux.org/AVG-830", "reference_id": "AVG-830", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-830" }, { "reference_url": "https://security.archlinux.org/AVG-831", "reference_id": "AVG-831", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-831" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/", "reference_id": "BO7WHN52GFMC5F2I2232GFIPSSXWFV7G", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408", "reference_id": "gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408" }, { "reference_url": "https://security.gentoo.org/glsa/201903-09", "reference_id": "GLSA-201903-09", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://security.gentoo.org/glsa/201903-09" }, { "reference_url": "https://security.gentoo.org/glsa/201908-06", "reference_id": "GLSA-201908-06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://security.gentoo.org/glsa/201908-06" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/", "reference_id": "M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190321-0003/", "reference_id": "ntap-20190321-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190321-0003/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD", "reference_id": "?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927", "reference_id": "show_bug.cgi?id=23927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:12:51Z/" } ], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-19591" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vajf-thpr-pbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59734?format=api", "vulnerability_id": "VCID-vqyv-kf5w-vkch", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40521", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40548", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.4052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40552", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40511", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810718", "reference_id": "1810718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810718" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953788", "reference_id": "953788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953788" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-1752" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqyv-kf5w-vkch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31486?format=api", "vulnerability_id": "VCID-wctr-ebf2-gqa1", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15670.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44273", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.4432", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.444", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.4439", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44344", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44354", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320" }, { "reference_url": "http://www.securityfocus.com/bid/101521", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504804", "reference_id": "1504804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504804" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879501", "reference_id": "879501", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879501" }, { "reference_url": "https://security.archlinux.org/ASA-201801-8", "reference_id": "ASA-201801-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-8" }, { "reference_url": "https://security.archlinux.org/ASA-201801-9", "reference_id": "ASA-201801-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-9" }, { "reference_url": "https://security.archlinux.org/AVG-460", "reference_id": "AVG-460", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-460" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15670", "reference_id": "CVE-2017-15670", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15670" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0805", "reference_id": "RHSA-2018:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1879", "reference_id": "RHSA-2018:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1879" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-15670" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wctr-ebf2-gqa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31489?format=api", "vulnerability_id": "VCID-wp12-z5a5-pbgd", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16997.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16997.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75266", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75358", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75362", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75368", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.7527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.7528", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75323", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75334", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75355", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16997" }, { "reference_url": "https://bugs.debian.org/884615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/884615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16997" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625" }, { "reference_url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html" }, { "reference_url": "http://www.securityfocus.com/bid/102228", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102228" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1526865", "reference_id": "1526865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1526865" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884615", "reference_id": "884615", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884615" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16997", "reference_id": "CVE-2017-16997", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16997" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3092", "reference_id": "RHSA-2018:3092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3092" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-16997" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wp12-z5a5-pbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62169?format=api", "vulnerability_id": "VCID-wp18-zqr6-a3ag", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.5946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66886", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66912", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042017", "reference_id": "2042017", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042017" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:40Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", "reference_id": "show_bug.cgi?id=22542", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:40Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2022-23219" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wp18-zqr6-a3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31490?format=api", "vulnerability_id": "VCID-ww2m-6691-yfa7", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000001.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000001.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97411", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.974", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97401", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97412", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.9739", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97396", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97397", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41417", "scoring_system": "epss", "scoring_elements": "0.97399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.44049", "scoring_system": "epss", "scoring_elements": "0.97524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.44049", "scoring_system": "epss", "scoring_elements": "0.97527", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.44049", "scoring_system": "epss", "scoring_elements": "0.97518", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000001" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533836", "reference_id": "1533836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533836" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887001", "reference_id": "887001", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887001" }, { "reference_url": "https://security.archlinux.org/ASA-201801-18", "reference_id": "ASA-201801-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-18" }, { "reference_url": "https://security.archlinux.org/ASA-201801-19", "reference_id": "ASA-201801-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-19" }, { "reference_url": "https://security.archlinux.org/AVG-590", "reference_id": "AVG-590", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-590" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43775.c", "reference_id": "CVE-2018-1000001", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43775.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44889.rb", "reference_id": "CVE-2018-1000001", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44889.rb" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/29f4870fa0f916e31300d1bc78aeabeb297c667f/modules/exploits/linux/local/glibc_realpath_priv_esc.rb", "reference_id": "CVE-2018-1000001", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/29f4870fa0f916e31300d1bc78aeabeb297c667f/modules/exploits/linux/local/glibc_realpath_priv_esc.rb" }, { "reference_url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/RationalLove.c", "reference_id": "CVE-2018-1000001", "reference_type": "exploit", "scores": [], "url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/RationalLove.c" }, { "reference_url": "https://security.gentoo.org/glsa/201804-02", "reference_id": "GLSA-201804-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0805", "reference_id": "RHSA-2018:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0805" }, { "reference_url": "https://usn.ubuntu.com/3534-1/", "reference_id": "USN-3534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3534-1/" }, { "reference_url": "https://usn.ubuntu.com/3536-1/", "reference_id": "USN-3536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3536-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4768-1/", "reference_id": "USN-USN-4768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2018-1000001" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww2m-6691-yfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43043?format=api", "vulnerability_id": "VCID-xhcm-t8jb-ybfb", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63633", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63644", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63664", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00627", "scoring_system": "epss", "scoring_elements": "0.70258", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "reference_id": "2277206", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277206" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "reference_id": "GLIBC-SA-2024-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0012/", "reference_id": "ntap-20240524-0012", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0012/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-us68-psx5-zude" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33602" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhcm-t8jb-ybfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61864?format=api", "vulnerability_id": "VCID-ys5d-7xgp-w7g5", "summary": "A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21685", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21798", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21718", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "reference_id": "000044.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "reference_id": "2339460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2025/01/22/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2025/01/22/4" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "reference_id": "GLIBC-SA-2025-0001", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001" }, { "reference_url": "https://security.gentoo.org/glsa/202505-06", "reference_id": "GLSA-202505-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3828", "reference_id": "RHSA-2025:3828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4241", "reference_id": "RHSA-2025:4241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4242", "reference_id": "RHSA-2025:4242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4243", "reference_id": "RHSA-2025:4243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4244", "reference_id": "RHSA-2025:4244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4244" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "reference_id": "show_bug.cgi?id=32582", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582" }, { "reference_url": "https://usn.ubuntu.com/7259-1/", "reference_id": "USN-7259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-1/" }, { "reference_url": "https://usn.ubuntu.com/7259-2/", "reference_id": "USN-7259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-2/" }, { "reference_url": "https://usn.ubuntu.com/7259-3/", "reference_id": "USN-7259-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-0395" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ys5d-7xgp-w7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43778?format=api", "vulnerability_id": "VCID-zqx5-4rdk-1qa3", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27645.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27645.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27645", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11077", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11189", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1122", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11232", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11209", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11184", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11048", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11057", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932589", "reference_id": "1932589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932589" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", "reference_id": "7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983479", "reference_id": "983479", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983479" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", "reference_id": "I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", "reference_id": "show_bug.cgi?id=27462", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050169?format=api", "purl": "pkg:deb/debian/glibc@2.31-11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-11" } ], "aliases": [ "CVE-2021-27645" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqx5-4rdk-1qa3" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39606?format=api", "vulnerability_id": "VCID-rqh3-5xc2-uyab", "summary": "Multiple vulnerabilities have been found in the GNU C Library, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91821", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91875", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91881", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91877", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91856", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07617", "scoring_system": "epss", "scoring_elements": "0.91862", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452543", "reference_id": "1452543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452543" }, { "reference_url": "https://security.archlinux.org/ASA-201706-22", "reference_id": "ASA-201706-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-22" }, { "reference_url": "https://security.archlinux.org/ASA-201706-23", "reference_id": "ASA-201706-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-23" }, { "reference_url": "https://security.archlinux.org/AVG-307", "reference_id": "AVG-307", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-307" }, { "reference_url": "https://security.archlinux.org/AVG-308", "reference_id": "AVG-308", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-308" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42274.c", "reference_id": "CVE-2017-1000370;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42274.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap.c", "reference_id": "CVE-2017-1000370;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42276.c", "reference_id": "CVE-2017-1000371;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/42276.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_dynamic.c", "reference_id": "CVE-2017-1000371;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_dynamic.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/local/42275.c", "reference_id": "CVE-2017-1000379;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/local/42275.c" }, { "reference_url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap_64.c", "reference_id": "CVE-2017-1000379;CVE-2017-1000366", "reference_type": "exploit", "scores": [], "url": "https://www.qualys.com/2017/06/19/stack-clash/linux_ldso_hwcap_64.c" }, { "reference_url": "https://security.gentoo.org/glsa/201706-19", "reference_id": "GLSA-201706-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1479", "reference_id": "RHSA-2017:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1480", "reference_id": "RHSA-2017:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1481", "reference_id": "RHSA-2017:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1567", "reference_id": "RHSA-2017:1567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1567" }, { "reference_url": "https://usn.ubuntu.com/3323-1/", "reference_id": "USN-3323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3323-1/" }, { "reference_url": "https://usn.ubuntu.com/3323-2/", "reference_id": "USN-3323-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3323-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036033?format=api", "purl": "pkg:deb/debian/glibc@2.19-18%2Bdeb8u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-2tgj-syh1-pqaj" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-6t8d-48g7-1yey" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-7fvy-59bc-jqf6" }, { "vulnerability": "VCID-814q-u5m5-gqec" }, { "vulnerability": "VCID-84zb-rzwk-fbfp" }, { "vulnerability": "VCID-8egr-f63v-3uht" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-991k-es3s-hbg4" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-c4w6-89qu-xkev" }, { "vulnerability": "VCID-cv87-rxmr-cqhn" }, { "vulnerability": "VCID-d1zs-8tg7-byhe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-e27x-ufvw-cyec" }, { "vulnerability": "VCID-edpa-k13r-uken" }, { "vulnerability": "VCID-evbv-ckb4-yybq" }, { "vulnerability": "VCID-f7vd-cpza-xfcx" }, { "vulnerability": "VCID-f9ts-xn57-6qa8" }, { "vulnerability": "VCID-fjrd-sadn-kfcf" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hdz6-ewkg-xqc9" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-hrky-wxm3-5fh3" }, { "vulnerability": "VCID-jadt-55f6-uuh6" }, { "vulnerability": "VCID-jnz7-w98a-kqgs" }, { "vulnerability": "VCID-kpcn-f4dw-97hm" }, { "vulnerability": "VCID-kxg9-kntn-xqan" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nj37-pefw-rfbt" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-ppaj-d4b9-wuhf" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-q5az-xe7k-m7av" }, { "vulnerability": "VCID-qaaq-fss4-1kgr" }, { "vulnerability": "VCID-qwx5-bayb-bkcg" }, { "vulnerability": "VCID-r44h-gkxy-8kh2" }, { "vulnerability": "VCID-rqh3-5xc2-uyab" }, { "vulnerability": "VCID-rt4z-2rd4-qfde" }, { "vulnerability": "VCID-ru1q-qgq2-h7ct" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-tp9v-vmge-nkdf" }, { "vulnerability": "VCID-uqdb-tx7y-bbbc" }, { "vulnerability": "VCID-utss-75dn-r3b7" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vajf-thpr-pbat" }, { "vulnerability": "VCID-vake-u1n1-x3hx" }, { "vulnerability": "VCID-ven5-emb5-a7bh" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wctr-ebf2-gqa1" }, { "vulnerability": "VCID-weg2-kxcj-fkcg" }, { "vulnerability": "VCID-wp12-z5a5-pbgd" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-ww2m-6691-yfa7" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-xyvn-w5ac-yqcn" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-z2xd-8n4a-b3cp" }, { "vulnerability": "VCID-zk4w-q3pr-myh6" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.19-18%252Bdeb8u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036929?format=api", "purl": "pkg:deb/debian/glibc@2.24-11%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8egr-f63v-3uht" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-c4w6-89qu-xkev" }, { "vulnerability": "VCID-cv87-rxmr-cqhn" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-e27x-ufvw-cyec" }, { "vulnerability": "VCID-evbv-ckb4-yybq" }, { "vulnerability": "VCID-f9ts-xn57-6qa8" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hdz6-ewkg-xqc9" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-jadt-55f6-uuh6" }, { "vulnerability": "VCID-jnz7-w98a-kqgs" }, { "vulnerability": "VCID-kxg9-kntn-xqan" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-q5az-xe7k-m7av" }, { "vulnerability": "VCID-qaaq-fss4-1kgr" }, { "vulnerability": "VCID-qwx5-bayb-bkcg" }, { "vulnerability": "VCID-rqh3-5xc2-uyab" }, { "vulnerability": "VCID-rt4z-2rd4-qfde" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-uqdb-tx7y-bbbc" }, { "vulnerability": "VCID-utss-75dn-r3b7" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vajf-thpr-pbat" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wctr-ebf2-gqa1" }, { "vulnerability": "VCID-wp12-z5a5-pbgd" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-ww2m-6691-yfa7" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.24-11%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049095?format=api", "purl": "pkg:deb/debian/glibc@2.28-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-13gq-1x22-skhy" }, { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6kb1-yuq8-tfbs" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-75dc-1fd5-u3e2" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-b6tp-a1qc-pfdw" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-hj77-4nfx-fuaa" }, { "vulnerability": "VCID-mqch-gxfq-zyhh" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-pyms-pya1-buck" }, { "vulnerability": "VCID-sbzq-gp2e-v7fy" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-v96m-se3g-8ydp" }, { "vulnerability": "VCID-vqyv-kf5w-vkch" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.28-7" } ], "aliases": [ "CVE-2017-1000366" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqh3-5xc2-uyab" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.24-11%252Bdeb9u3" }