Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049202?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "type": "deb", "namespace": "debian", "name": "glib2.0", "version": "2.66.8-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.74.6-2+deb12u6", "latest_non_vulnerable_version": "2.88.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19047?format=api", "vulnerability_id": "VCID-4em6-3x32-ybcv", "summary": "Uncontrolled Resource Consumption\nA flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32611.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32611.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09973", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1005", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1011", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10088", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32611" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32611" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-32611", "reference_id": "CVE-2023-32611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/CVE-2023-32611" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32611", "reference_id": "CVE-2023-32611", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32611" }, { "reference_url": "https://security.gentoo.org/glsa/202311-18", "reference_id": "GLSA-202311-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6631", "reference_id": "RHSA-2023:6631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2528", "reference_id": "RHSA-2024:2528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2528" }, { "reference_url": "https://usn.ubuntu.com/6165-1/", "reference_id": "USN-6165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-1/" }, { "reference_url": "https://usn.ubuntu.com/6165-2/", "reference_id": "USN-6165-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049203?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1%252Bdeb11u4" } ], "aliases": [ "CVE-2023-32611" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4em6-3x32-ybcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66432?format=api", "vulnerability_id": "VCID-6xng-bfkg-jfa4", "summary": "glib: Integer overflow in in g_escape_uri_string()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01295", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01301", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01304", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01283", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01281", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121488", "reference_id": "1121488", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121488" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741", "reference_id": "2416741", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827", "reference_id": "3827", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914", "reference_id": "4914", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9", "reference_id": "cpe:/a:redhat:ceph_storage:8::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9", "reference_id": "cpe:/a:redhat:rhui:5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-13601", "reference_id": "CVE-2025-13601", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-13601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0936", "reference_id": "RHSA-2026:0936", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0975", "reference_id": "RHSA-2026:0975", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0991", "reference_id": "RHSA-2026:0991", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1323", "reference_id": "RHSA-2026:1323", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1324", "reference_id": "RHSA-2026:1324", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1326", "reference_id": "RHSA-2026:1326", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1327", "reference_id": "RHSA-2026:1327", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1465", "reference_id": "RHSA-2026:1465", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1608", "reference_id": "RHSA-2026:1608", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1624", "reference_id": "RHSA-2026:1624", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1625", "reference_id": "RHSA-2026:1625", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1626", "reference_id": "RHSA-2026:1626", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1627", "reference_id": "RHSA-2026:1627", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652", "reference_id": "RHSA-2026:1652", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2064", "reference_id": "RHSA-2026:2064", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2072", "reference_id": "RHSA-2026:2072", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2633", "reference_id": "RHSA-2026:2633", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2659", "reference_id": "RHSA-2026:2659", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2659" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2671", "reference_id": "RHSA-2026:2671", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2974", "reference_id": "RHSA-2026:2974", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:2974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3415", "reference_id": "RHSA-2026:3415", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4419", "reference_id": "RHSA-2026:4419", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T14:58:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4419" }, { "reference_url": "https://usn.ubuntu.com/7942-1/", "reference_id": "USN-7942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-1/" }, { "reference_url": "https://usn.ubuntu.com/7942-2/", "reference_id": "USN-7942-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-13601" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xng-bfkg-jfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70452?format=api", "vulnerability_id": "VCID-817e-zas3-6yf6", "summary": "glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60218", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60227", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60235", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60163", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60213", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357754", "reference_id": "2357754", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T13:23:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357754" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3360", "reference_id": "CVE-2025-3360", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T13:23:42Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3360" }, { "reference_url": "https://usn.ubuntu.com/7942-1/", "reference_id": "USN-7942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-1/" }, { "reference_url": "https://usn.ubuntu.com/7942-2/", "reference_id": "USN-7942-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-3360" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-817e-zas3-6yf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64863?format=api", "vulnerability_id": "VCID-a9dn-qcuy-f7cs", "summary": "Glib: GLib: Memory corruption via integer overflow in Unicode case conversion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1489.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1489.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1489", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18192", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18139", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20497", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20514", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20549", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1489" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1489" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126549", "reference_id": "1126549", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126549" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433348", "reference_id": "2433348", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:09:00Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433348" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3872", "reference_id": "3872", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:09:00Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3872" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-1489", "reference_id": "CVE-2026-1489", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:09:00Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-1489" }, { "reference_url": "https://usn.ubuntu.com/8017-1/", "reference_id": "USN-8017-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8017-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059929?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059930?format=api", "purl": "pkg:deb/debian/glib2.0@2.84.4-3~deb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.84.4-3~deb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/994532?format=api", "purl": "pkg:deb/debian/glib2.0@2.87.2-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.87.2-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026164?format=api", "purl": "pkg:deb/debian/glib2.0@2.88.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.88.0-1" } ], "aliases": [ "CVE-2026-1489" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9dn-qcuy-f7cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69779?format=api", "vulnerability_id": "VCID-cgcb-brxv-mqef", "summary": "glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4373.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4373.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72927", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.7296", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72947", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72922", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104930", "reference_id": "1104930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104930" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364265", "reference_id": "2364265", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364265" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3677", "reference_id": "3677", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3677" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.6::el8", "reference_id": "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.6::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4373", "reference_id": "CVE-2025-4373", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10855", "reference_id": "RHSA-2025:10855", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11140", "reference_id": "RHSA-2025:11140", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11327", "reference_id": "RHSA-2025:11327", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11373", "reference_id": "RHSA-2025:11373", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11374", "reference_id": "RHSA-2025:11374", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11662", "reference_id": "RHSA-2025:11662", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12275", "reference_id": "RHSA-2025:12275", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14988", "reference_id": "RHSA-2025:14988", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14989", "reference_id": "RHSA-2025:14989", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14990", "reference_id": "RHSA-2025:14990", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14991", "reference_id": "RHSA-2025:14991", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:09:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14991" }, { "reference_url": "https://usn.ubuntu.com/7532-1/", "reference_id": "USN-7532-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7532-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-4373" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgcb-brxv-mqef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97148?format=api", "vulnerability_id": "VCID-damf-qan2-byfh", "summary": "regression update", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049203?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1%252Bdeb11u4" } ], "aliases": [ "DSA-5682-2 glib2.0" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-damf-qan2-byfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72811?format=api", "vulnerability_id": "VCID-dsah-jpwg-yfez", "summary": "glib: buffer overflow in set_connect_msg()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.86794", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087419", "reference_id": "1087419", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087419" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325340", "reference_id": "2325340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325340" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", "reference_id": "2.82.1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:46:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", "reference_id": "3461", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:46:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461" }, { "reference_url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "reference_id": "home", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:46:58Z/" } ], "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0936", "reference_id": "RHSA-2025:0936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10855", "reference_id": "RHSA-2025:10855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11140", "reference_id": "RHSA-2025:11140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11327", "reference_id": "RHSA-2025:11327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11373", "reference_id": "RHSA-2025:11373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11374", "reference_id": "RHSA-2025:11374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11662", "reference_id": "RHSA-2025:11662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12275", "reference_id": "RHSA-2025:12275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14988", "reference_id": "RHSA-2025:14988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14989", "reference_id": "RHSA-2025:14989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14990", "reference_id": "RHSA-2025:14990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14991", "reference_id": "RHSA-2025:14991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14991" }, { "reference_url": "https://usn.ubuntu.com/7114-1/", "reference_id": "USN-7114-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7114-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2024-52533" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsah-jpwg-yfez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64996?format=api", "vulnerability_id": "VCID-gchd-ewt9-17dk", "summary": "glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21001", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2117", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20938", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21079", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21096", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21225", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125752", "reference_id": "1125752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125752" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429886", "reference_id": "2429886", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:25:32Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429886" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3851", "reference_id": "3851", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:25:32Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3851" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-0988", "reference_id": "CVE-2026-0988", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:25:32Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-0988" }, { "reference_url": "https://usn.ubuntu.com/7971-1/", "reference_id": "USN-7971-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7971-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059929?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059930?format=api", "purl": "pkg:deb/debian/glib2.0@2.84.4-3~deb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.84.4-3~deb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026164?format=api", "purl": "pkg:deb/debian/glib2.0@2.88.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.88.0-1" } ], "aliases": [ "CVE-2026-0988" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gchd-ewt9-17dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64862?format=api", "vulnerability_id": "VCID-gwaz-f5mw-j7cb", "summary": "Glib: Glib: Local denial of service via buffer underflow in content type parsing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1485.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1485", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00336", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00342", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0034", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00339", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1485" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126550", "reference_id": "1126550", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433325", "reference_id": "2433325", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T14:39:59Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433325" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3871", "reference_id": "3871", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T14:39:59Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3871" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-1485", "reference_id": "CVE-2026-1485", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T14:39:59Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-1485" }, { "reference_url": "https://usn.ubuntu.com/8017-1/", "reference_id": "USN-8017-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8017-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059929?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059930?format=api", "purl": "pkg:deb/debian/glib2.0@2.84.4-3~deb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.84.4-3~deb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026164?format=api", "purl": "pkg:deb/debian/glib2.0@2.88.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.88.0-1" } ], "aliases": [ "CVE-2026-1485" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gwaz-f5mw-j7cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66330?format=api", "vulnerability_id": "VCID-h7kh-2qm2-1fgu", "summary": "glib: GLib: Buffer underflow in GVariant parser leads to heap corruption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14087.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14087.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14087", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46039", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.4604", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51847", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51882", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51862", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122347", "reference_id": "1122347", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122347" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419093", "reference_id": "2419093", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-10T14:46:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419093" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3834", "reference_id": "3834", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-10T14:46:20Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3834" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-14087", "reference_id": "CVE-2025-14087", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-10T14:46:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-14087" }, { "reference_url": "https://usn.ubuntu.com/7942-1/", "reference_id": "USN-7942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-1/" }, { "reference_url": "https://usn.ubuntu.com/7942-2/", "reference_id": "USN-7942-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-14087" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7kh-2qm2-1fgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47081?format=api", "vulnerability_id": "VCID-r5t7-nkkv-skhg", "summary": "A vulnerability has been discovered in GLib, which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40855", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40881", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40837", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40892", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40874", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279632", "reference_id": "2279632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279632" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268", "reference_id": "3268", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/05/07/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/05/07/5" }, { "reference_url": "https://security.gentoo.org/glsa/202406-01", "reference_id": "GLSA-202406-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202406-01" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/", "reference_id": "IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/", "reference_id": "LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/", "reference_id": "LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0008/", "reference_id": "ntap-20240531-0008", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6464", "reference_id": "RHSA-2024:6464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9442", "reference_id": "RHSA-2024:9442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10780", "reference_id": "RHSA-2025:10780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11327", "reference_id": "RHSA-2025:11327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11662", "reference_id": "RHSA-2025:11662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14988", "reference_id": "RHSA-2025:14988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14989", "reference_id": "RHSA-2025:14989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14990", "reference_id": "RHSA-2025:14990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14991", "reference_id": "RHSA-2025:14991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14991" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/", "reference_id": "UNFJHISR4O6VFOHBFWH5I5WWMG37H63A", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/" }, { "reference_url": "https://usn.ubuntu.com/6768-1/", "reference_id": "USN-6768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049203?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1%252Bdeb11u4" } ], "aliases": [ "CVE-2024-34397" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r5t7-nkkv-skhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68964?format=api", "vulnerability_id": "VCID-re78-z26g-ffen", "summary": "glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13708", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14447", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14536", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14637", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14567", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110640", "reference_id": "1110640", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110640" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392423", "reference_id": "2392423", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T13:47:11Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392423" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-7039", "reference_id": "CVE-2025-7039", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T13:47:11Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-7039" }, { "reference_url": "https://usn.ubuntu.com/7942-1/", "reference_id": "USN-7942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-1/" }, { "reference_url": "https://usn.ubuntu.com/7942-2/", "reference_id": "USN-7942-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7942-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-7039" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re78-z26g-ffen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19049?format=api", "vulnerability_id": "VCID-tzt9-dtt8-bkfm", "summary": "Deserialization of Untrusted Data\nA flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32665.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18629", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18724", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18633", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18576", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32665" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32665" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-32665", "reference_id": "CVE-2023-32665", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-32665" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32665", "reference_id": "CVE-2023-32665", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32665" }, { "reference_url": "https://security.gentoo.org/glsa/202311-18", "reference_id": "GLSA-202311-18", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://security.gentoo.org/glsa/202311-18" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "reference_id": "msg00030.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0006/", "reference_id": "ntap-20240426-0006", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-27T17:04:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6631", "reference_id": "RHSA-2023:6631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2528", "reference_id": "RHSA-2024:2528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2528" }, { "reference_url": "https://usn.ubuntu.com/6165-1/", "reference_id": "USN-6165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-1/" }, { "reference_url": "https://usn.ubuntu.com/6165-2/", "reference_id": "USN-6165-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049203?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1%252Bdeb11u4" } ], "aliases": [ "CVE-2023-32665" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzt9-dtt8-bkfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64861?format=api", "vulnerability_id": "VCID-u5sb-ke8a-qkd2", "summary": "Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0323", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03221", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04336", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04367", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04382", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04362", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1484" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126551", "reference_id": "1126551", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126551" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433259", "reference_id": "2433259", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:11:56Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433259" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3870", "reference_id": "3870", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:11:56Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3870" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-1484", "reference_id": "CVE-2026-1484", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T15:11:56Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-1484" }, { "reference_url": "https://usn.ubuntu.com/8017-1/", "reference_id": "USN-8017-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8017-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059929?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059930?format=api", "purl": "pkg:deb/debian/glib2.0@2.84.4-3~deb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.84.4-3~deb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026164?format=api", "purl": "pkg:deb/debian/glib2.0@2.88.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.88.0-1" } ], "aliases": [ "CVE-2026-1484" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5sb-ke8a-qkd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66061?format=api", "vulnerability_id": "VCID-xq36-cxqj-h3hh", "summary": "glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14512.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14512.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14512", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15825", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1568", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15828", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15803", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21942", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22001", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122346", "reference_id": "1122346", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122346" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421339", "reference_id": "2421339", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:54:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421339" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3845", "reference_id": "3845", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:54:52Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3845" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-14512", "reference_id": "CVE-2025-14512", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:54:52Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-14512" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049204?format=api", "purl": "pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.74.6-2%252Bdeb12u6" } ], "aliases": [ "CVE-2025-14512" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xq36-cxqj-h3hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19054?format=api", "vulnerability_id": "VCID-z2v6-3j7r-vkaj", "summary": "Uncontrolled Resource Consumption\nA flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29499.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29499.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31095", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31142", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.3096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31045", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31008", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-29499", "reference_id": "CVE-2023-29499", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-29499" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29499", "reference_id": "CVE-2023-29499", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29499" }, { "reference_url": "https://security.gentoo.org/glsa/202311-18", "reference_id": "GLSA-202311-18", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://security.gentoo.org/glsa/202311-18" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "reference_id": "msg00030.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231103-0001/", "reference_id": "ntap-20231103-0001", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:23:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231103-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6631", "reference_id": "RHSA-2023:6631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2528", "reference_id": "RHSA-2024:2528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2528" }, { "reference_url": "https://usn.ubuntu.com/6165-1/", "reference_id": "USN-6165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-1/" }, { "reference_url": "https://usn.ubuntu.com/6165-2/", "reference_id": "USN-6165-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6165-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049203?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1%252Bdeb11u4" } ], "aliases": [ "CVE-2023-29499" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v6-3j7r-vkaj" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81681?format=api", "vulnerability_id": "VCID-7ck1-vwbt-9qhd", "summary": "glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.6904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69057", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69151", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69106", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/issues/1989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/issues/1989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790288", "reference_id": "1790288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790288" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948554", "reference_id": "948554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948554" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6750", "reference_id": "CVE-2020-6750", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6750" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2020-6750" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ck1-vwbt-9qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46201?format=api", "vulnerability_id": "VCID-bfyu-jryn-eyak", "summary": "Multiple vulnerabilities have been found in GLib, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28153.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68684", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68712", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.6873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68753", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68665", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73123", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28153" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2325" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1938291", "reference_id": "1938291", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1938291" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984969", "reference_id": "984969", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984969" }, { "reference_url": "https://security.archlinux.org/AVG-1680", "reference_id": "AVG-1680", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1680" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28153", "reference_id": "CVE-2021-28153", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28153" }, { "reference_url": "https://security.gentoo.org/glsa/202107-13", "reference_id": "GLSA-202107-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4385", "reference_id": "RHSA-2021:4385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8418", "reference_id": "RHSA-2022:8418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8418" }, { "reference_url": "https://usn.ubuntu.com/4764-1/", "reference_id": "USN-4764-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4764-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2021-28153" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfyu-jryn-eyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46200?format=api", "vulnerability_id": "VCID-ca52-wfc7-2ubd", "summary": "Multiple vulnerabilities have been found in GLib, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01367", "scoring_system": "epss", "scoring_elements": "0.80199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01367", "scoring_system": "epss", "scoring_elements": "0.80204", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84107", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.8414", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84162", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02131", "scoring_system": "epss", "scoring_elements": "0.84186", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2319" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929858", "reference_id": "1929858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982778", "reference_id": "982778", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982778" }, { "reference_url": "https://security.archlinux.org/AVG-1574", "reference_id": "AVG-1574", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1574" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27219", "reference_id": "CVE-2021-27219", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27219" }, { "reference_url": "https://security.gentoo.org/glsa/202107-13", "reference_id": "GLSA-202107-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2147", "reference_id": "RHSA-2021:2147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2170", "reference_id": "RHSA-2021:2170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2171", "reference_id": "RHSA-2021:2171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2172", "reference_id": "RHSA-2021:2172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2173", "reference_id": "RHSA-2021:2173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2174", "reference_id": "RHSA-2021:2174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2175", "reference_id": "RHSA-2021:2175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2203", "reference_id": "RHSA-2021:2203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2204", "reference_id": "RHSA-2021:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2467", "reference_id": "RHSA-2021:2467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2519", "reference_id": "RHSA-2021:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2522", "reference_id": "RHSA-2021:2522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4526", "reference_id": "RHSA-2021:4526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4526" }, { "reference_url": "https://usn.ubuntu.com/4759-1/", "reference_id": "USN-4759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2021-27219" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ca52-wfc7-2ubd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80542?format=api", "vulnerability_id": "VCID-khtv-um6m-pkad", "summary": "glib2: Possible privilege escalation thourgh pkexec and aliases", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3800.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1965", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19788", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1984", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19642", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19698", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19591", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2017/06/23/8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2017/06/23/8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1938284", "reference_id": "1938284", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1938284" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2021-3800", "reference_id": "CVE-2021-3800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/CVE-2021-3800" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3800", "reference_id": "CVE-2021-3800", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4385", "reference_id": "RHSA-2021:4385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4385" }, { "reference_url": "https://usn.ubuntu.com/5189-1/", "reference_id": "USN-5189-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5189-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2021-3800" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khtv-um6m-pkad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82450?format=api", "vulnerability_id": "VCID-p6zn-nqaf-wfa7", "summary": "glib2: insecure permissions for files and directories", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74464", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74688", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74724", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74738", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.74761", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00842", "scoring_system": "epss", "scoring_elements": "0.7474", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13012" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728632", "reference_id": "1728632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931234", "reference_id": "931234", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1586", "reference_id": "RHSA-2021:1586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1586" }, { "reference_url": "https://usn.ubuntu.com/4049-1/", "reference_id": "USN-4049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4049-1/" }, { "reference_url": "https://usn.ubuntu.com/4049-2/", "reference_id": "USN-4049-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4049-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2019-13012" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p6zn-nqaf-wfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46199?format=api", "vulnerability_id": "VCID-syjs-4vtj-4bcb", "summary": "Multiple vulnerabilities have been found in GLib, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89898", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89947", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89941", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89949", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89913", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89919", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05212", "scoring_system": "epss", "scoring_elements": "0.89936", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929847", "reference_id": "1929847", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929847" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982779", "reference_id": "982779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982779" }, { "reference_url": "https://security.archlinux.org/AVG-1575", "reference_id": "AVG-1575", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1575" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27218", "reference_id": "CVE-2021-27218", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27218" }, { "reference_url": "https://security.gentoo.org/glsa/202107-13", "reference_id": "GLSA-202107-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3058", "reference_id": "RHSA-2021:3058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4526", "reference_id": "RHSA-2021:4526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4526" }, { "reference_url": "https://usn.ubuntu.com/4759-1/", "reference_id": "USN-4759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2021-27218" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-syjs-4vtj-4bcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78781?format=api", "vulnerability_id": "VCID-t8h7-hah9-bkaw", "summary": "gvdb: use after free issue was fixed in gvdb_table_write_contents_async()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25085", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67476", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67512", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67511", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67553", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156440", "reference_id": "2156440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156440" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2019-25085" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8h7-hah9-bkaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94573?format=api", "vulnerability_id": "VCID-tmff-7vrs-sqfx", "summary": "GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is \"Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries().\" The researcher states that this pattern is undocumented", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40857", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40884", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.4081", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40883", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40848", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40829", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35457" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2197" }, { "reference_url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.65.3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.65.3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35457", "reference_id": "CVE-2020-35457", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35457" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049202?format=api", "purl": "pkg:deb/debian/glib2.0@2.66.8-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4em6-3x32-ybcv" }, { "vulnerability": "VCID-6xng-bfkg-jfa4" }, { "vulnerability": "VCID-817e-zas3-6yf6" }, { "vulnerability": "VCID-a9dn-qcuy-f7cs" }, { "vulnerability": "VCID-cgcb-brxv-mqef" }, { "vulnerability": "VCID-damf-qan2-byfh" }, { "vulnerability": "VCID-dsah-jpwg-yfez" }, { "vulnerability": "VCID-gchd-ewt9-17dk" }, { "vulnerability": "VCID-gwaz-f5mw-j7cb" }, { "vulnerability": "VCID-h7kh-2qm2-1fgu" }, { "vulnerability": "VCID-r5t7-nkkv-skhg" }, { "vulnerability": "VCID-re78-z26g-ffen" }, { "vulnerability": "VCID-tzt9-dtt8-bkfm" }, { "vulnerability": "VCID-u5sb-ke8a-qkd2" }, { "vulnerability": "VCID-xq36-cxqj-h3hh" }, { "vulnerability": "VCID-z2v6-3j7r-vkaj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" } ], "aliases": [ "CVE-2020-35457" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tmff-7vrs-sqfx" } ], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glib2.0@2.66.8-1" }