Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049672?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "type": "deb", "namespace": "debian", "name": "unbound", "version": "1.17.1-2+deb12u4", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73716?format=api", "vulnerability_id": "VCID-4etu-cddt-sbfm", "summary": "unbound: Unbounded name compression could lead to Denial of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45542", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45591", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.4555", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45551", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.4554", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8508" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083282", "reference_id": "1083282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316321", "reference_id": "2316321", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316321" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt", "reference_id": "CVE-2024-8508.txt", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:11:45Z/" } ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11170", "reference_id": "RHSA-2024:11170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11232", "reference_id": "RHSA-2024:11232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0140", "reference_id": "RHSA-2025:0140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0837", "reference_id": "RHSA-2025:0837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1120", "reference_id": "RHSA-2025:1120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8047", "reference_id": "RHSA-2025:8047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8197", "reference_id": "RHSA-2025:8197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8197" }, { "reference_url": "https://usn.ubuntu.com/7080-1/", "reference_id": "USN-7080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7080-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-8508" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4etu-cddt-sbfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68620?format=api", "vulnerability_id": "VCID-4sax-ynvh-abed", "summary": "unbound: Unbound Cache poisoning", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21934", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21884", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21845", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21974", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5994" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109427", "reference_id": "1109427", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109427" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949", "reference_id": "2380949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949" }, { "reference_url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt", "reference_id": "CVE-2025-5994.txt", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/R:U/V:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:42:14Z/" } ], "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11849", "reference_id": "RHSA-2025:11849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11884", "reference_id": "RHSA-2025:11884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12064", "reference_id": "RHSA-2025:12064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12416", "reference_id": "RHSA-2025:12416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12520", "reference_id": "RHSA-2025:12520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12523", "reference_id": "RHSA-2025:12523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12929", "reference_id": "RHSA-2025:12929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13575", "reference_id": "RHSA-2025:13575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13576", "reference_id": "RHSA-2025:13576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13577", "reference_id": "RHSA-2025:13577", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13577" }, { "reference_url": "https://usn.ubuntu.com/7666-1/", "reference_id": "USN-7666-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7666-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-5994" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sax-ynvh-abed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74433?format=api", "vulnerability_id": "VCID-b7b8-guvx-3bhy", "summary": "unbound: Heap-Buffer-Overflow in Unbound", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24634", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25927", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25946", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25941", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26045", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25915", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25983", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43168" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/issues/1039", "reference_id": "1039", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://github.com/NLnetLabs/unbound/issues/1039" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303462", "reference_id": "2303462", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303462" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2", "reference_id": "cpe:/a:redhat:openstack:16.2", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1", "reference_id": "cpe:/a:redhat:openstack:17.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0", "reference_id": "cpe:/a:redhat:openstack:18.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-43168", "reference_id": "CVE-2024-43168", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-43168" }, { "reference_url": "https://github.com/NLnetLabs/unbound/pull/1040/files", "reference_id": "files", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T19:19:04Z/" } ], "url": "https://github.com/NLnetLabs/unbound/pull/1040/files" }, { "reference_url": "https://usn.ubuntu.com/6998-1/", "reference_id": "USN-6998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6998-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-43168" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7b8-guvx-3bhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76421?format=api", "vulnerability_id": "VCID-cjha-wacb-mqds", "summary": "unbound: DNSBomb vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33655.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33655.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03625", "scoring_system": "epss", "scoring_elements": "0.87829", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88308", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88263", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88321", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88324", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88311", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03922", "scoring_system": "epss", "scoring_elements": "0.88283", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33655" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.isc.org/blogs/2024-dnsbomb/", "reference_id": "2024-dnsbomb", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://www.isc.org/blogs/2024-dnsbomb/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279942", "reference_id": "2279942", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279942" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3/", "reference_id": "3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TBXPRJ2Q235YUZKYDRWOSYNDFBJQWJ3/" }, { "reference_url": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398", "reference_id": "4398", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://gitlab.isc.org/isc-projects/bind9/-/issues/4398" }, { "reference_url": "https://sp2024.ieee-security.org/accepted-papers.html", "reference_id": "accepted-papers.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://sp2024.ieee-security.org/accepted-papers.html" }, { "reference_url": "https://alas.aws.amazon.com/ALAS-2024-1934.html", "reference_id": "ALAS-2024-1934.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://alas.aws.amazon.com/ALAS-2024-1934.html" }, { "reference_url": "https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de", "reference_id": "c3206f4568f60c486be6d165b1f2b5b254fea3de", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de" }, { "reference_url": "https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-120", "reference_id": "CHANGELOG.md#version-120", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-120" }, { "reference_url": "https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt", "reference_id": "CVE-2024-33655.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QITY2QBX2OCBTZIXD2A5ES62STFIA4AL/", "reference_id": "QITY2QBX2OCBTZIXD2A5ES62STFIA4AL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QITY2QBX2OCBTZIXD2A5ES62STFIA4AL/" }, { "reference_url": "https://meterpreter.org/researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features/", "reference_id": "researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://meterpreter.org/researchers-uncover-dnsbomb-a-new-pdos-attack-exploiting-legitimate-dns-features/" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc1035", "reference_id": "rfc1035", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc1035" }, { "reference_url": "https://nlnetlabs.nl/projects/unbound/security-advisories/", "reference_id": "security-advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T18:13:28Z/" } ], "url": "https://nlnetlabs.nl/projects/unbound/security-advisories/" }, { "reference_url": "https://usn.ubuntu.com/6791-1/", "reference_id": "USN-6791-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6791-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-33655" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjha-wacb-mqds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66759?format=api", "vulnerability_id": "VCID-pc5g-wqzg-rfhu", "summary": "unbound: Unbound domain hijacking via promiscuous records", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11411.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11411.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21764", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21851", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.218", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21981", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21823", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2189", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11411" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405706", "reference_id": "2405706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405706" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt", "reference_id": "CVE-2025-11411.txt", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T13:20:48Z/" } ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7645", "reference_id": "RHSA-2026:7645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7645" }, { "reference_url": "https://usn.ubuntu.com/7855-1/", "reference_id": "USN-7855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7855-1/" }, { "reference_url": "https://usn.ubuntu.com/7855-2/", "reference_id": "USN-7855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7855-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-11411" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5g-wqzg-rfhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74432?format=api", "vulnerability_id": "VCID-zjjk-kfsd-e7ck", "summary": "unbound: NULL Pointer Dereference in Unbound", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06508", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.072", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07091", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07114", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07187", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0709", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07169", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/issues/1072", "reference_id": "1072", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://github.com/NLnetLabs/unbound/issues/1072" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078647", "reference_id": "1078647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078647" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303456", "reference_id": "2303456", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303456" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2", "reference_id": "cpe:/a:redhat:openstack:16.2", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1", "reference_id": "cpe:/a:redhat:openstack:17.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0", "reference_id": "cpe:/a:redhat:openstack:18.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-43167", "reference_id": "CVE-2024-43167", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-43167" }, { "reference_url": "https://github.com/NLnetLabs/unbound/pull/1073/files", "reference_id": "files", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:53:54Z/" } ], "url": "https://github.com/NLnetLabs/unbound/pull/1073/files" }, { "reference_url": "https://usn.ubuntu.com/6998-1/", "reference_id": "USN-6998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6998-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049672?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2024-43167" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjjk-kfsd-e7ck" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4" }